1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved REG MFC Application has stop working

Discussion in 'Malware and Virus Removal Archive' started by jpolt, 2008/07/24.

  1. 2008/07/24
    jpolt

    jpolt Inactive Thread Starter

    Joined:
    2008/01/13
    Messages:
    8
    Likes Received:
    0
    [Resolved] REG MFC Application has stop working

    Hi,

    Each time I start PC this msg pop’s up, and not sure what it is coursing and how to fix, I try to Google on this but is not much coming, any help will be appreciate.
     
    jpolt,
    #1
  2. 2008/07/25
    Arie

    Arie Administrator Administrator Staff

    Joined:
    2001/12/27
    Messages:
    15,174
    Likes Received:
    412
    We'll need more (precise) info of what's happening. See if there are any error messages listed in Event Viewer.

    To open Event Viewer, go to Start and type eventvwr.msc in the Start Search box & hit Enter.

    Check your Application and System logs under Windows Logs for errors.

    You can double click on any error for more details, and there is also a button to copy the error to your clipboard for easy copying & pasting.
     
    Arie,
    #2


  3. to hide this advert.

  4. 2008/07/29
    jpolt

    jpolt Inactive Thread Starter

    Joined:
    2008/01/13
    Messages:
    8
    Likes Received:
    0
    This the Application general error:
    Faulting application Reg.exe, version 1.0.0.1, time stamp 0x40f66711, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000005, fault offset 0x000439f9, process id 0x1424, application start time 0x01c8f175919e56c0.

    Details
    - System

    - Provider

    [ Name] Application Error

    - EventID 1000

    [ Qualifiers] 0

    Level 2

    Task 100

    Keywords 0x80000000000000

    - TimeCreated

    [ SystemTime] 2008-07-29T12:22:06.000Z

    EventRecordID 2023

    Channel Application

    Computer john-PC

    Security


    - EventData

    Reg.exe
    1.0.0.1
    40f66711
    ntdll.dll
    6.0.6001.18000
    4791a7a6
    c0000005
    000439f9
    1424
    01c8f175919e56c0

    And no system error

    Thanks for your help
     
    jpolt,
    #3
  5. 2008/07/29
    Arie

    Arie Administrator Administrator Staff

    Joined:
    2001/12/27
    Messages:
    15,174
    Likes Received:
    412
    Hi,

    Read this post, then post the requested log(s).

    I will move this to the Malware and Virus Removal forum, as I think this could well be malware related.
     
    Arie,
    #4
  6. 2008/07/30
    jpolt

    jpolt Inactive Thread Starter

    Joined:
    2008/01/13
    Messages:
    8
    Likes Received:
    0
    REG MFC Application has stop working

    Arie thanks for your help this the log you after

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:23:40 PM, on 30/07/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Gadu-Gadu\gg.exe
    C:\Program Files\108Mbps Wireless Network USB Dongle\WLANPRO.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe "
    O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini "
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\Windows\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe "
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: 108Mbps Wireless Network USB Dongle Configuration Utility.lnk = ?
    O4 - Global Startup: Reg.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\Windows\system32\acs.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Nortel CVC Service (NvcRpcServer) - Nortel Networks NA, Inc. - C:\Program Files\Nortel Networks\NvcRpcSvr.exe

    --
    End of file - 7100 bytes
     
    jpolt,
    #5
  7. 2008/08/01
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Scan again with HijackThis and place a check next to the following entry.

    O4 - Global Startup: Reg.lnk = ?

    Click Fix Checked and exit HijackThis
    Reboot and see if you get the error again.
     
    noahdfear,
    #6
  8. 2008/08/04
    jpolt

    jpolt Inactive Thread Starter

    Joined:
    2008/01/13
    Messages:
    8
    Likes Received:
    0
    Thanks Mate, it fix my problem, are you able to let me know why I did get this problem?
     
    jpolt,
    #7
  9. 2008/08/04
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Registry entries such as that are generally the result of malware. Lets use another tool to get a better look at things. Download Deckard's System Scanner (dss.exe) and save it to your desktop.
    • Close all applications and windows.
    • Double click on dss.exe to run it and follow the prompts.
    • When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.
    Post the contents of main.txt only for now.
     
    noahdfear,
    #8
  10. 2008/08/05
    jpolt

    jpolt Inactive Thread Starter

    Joined:
    2008/01/13
    Messages:
    8
    Likes Received:
    0
    Thanks for your help:

    main.txt

    Deckard's System Scanner v20071014.68
    Run by john on 2008-08-05 20:21:47
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- Last 5 Restore Point(s) --
    56: 2008-08-05 02:02:31 UTC - RP86 - Scheduled Checkpoint
    55: 2008-08-04 09:00:33 UTC - RP85 - Scheduled Checkpoint
    54: 2008-08-01 08:40:59 UTC - RP84 - Scheduled Checkpoint
    53: 2008-07-31 08:45:42 UTC - RP83 - Restore Operation
    52: 2008-07-31 04:22:03 UTC - RP82 - Scheduled Checkpoint


    -- First Restore Point --
    1: 2008-07-21 05:56:06 UTC - RP17 - Device Driver Package Install: Logitech Imaging devices


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as john.exe) ------------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:24:17 PM, on 5/08/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\108Mbps Wireless Network USB Dongle\WLANPRO.exe
    C:\Users\john\Desktop\dss.exe
    C:\Windows\system32\conime.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\john.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe "
    O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini "
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\Windows\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe "
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: 108Mbps Wireless Network USB Dongle Configuration Utility.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\Windows\system32\acs.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Nortel CVC Service (NvcRpcServer) - Nortel Networks NA, Inc. - C:\Program Files\Nortel Networks\NvcRpcSvr.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

    --
    End of file - 7455 bytes

    -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

    backup-20080804-174136-989 O4 - Global Startup: Reg.lnk = ?

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R1 PCLEPCI - \??\c:\windows\system32\drivers\pclepci.sys
    R3 ASAPIW2k - c:\windows\system32\drivers\asapiw2k.sys <Not Verified; Pinnacle Systems GmbH; asapi>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    S2 ACS (Atheros Configuration Service) - c:\windows\system32\acs.exe


    -- Device Manager: Disabled ----------------------------------------------------

    No disabled devices found.


    -- Scheduled Tasks -------------------------------------------------------------

    2008-08-05 20:20:04 416 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{A765AA6B-B79F-484F-A084-3898C7625D5B}.job
    2008-08-04 23:11:18 418 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{2FCC102F-AE22-4921-9ABD-F58C29805CB3}.job


    -- Files created between 2008-07-05 and 2008-08-05 -----------------------------

    2008-07-30 20:11:00 0 d-------- C:\Users\All Users\Lavasoft
    2008-07-30 20:11:00 0 d-------- C:\Program Files\Lavasoft
    2008-07-30 20:10:15 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-07-30 19:49:52 0 d-------- C:\Users\All Users\Spybot - Search & Destroy
    2008-07-30 19:23:25 0 d-------- C:\Program Files\Trend Micro
    2008-07-27 12:12:27 0 d-------- C:\Users\john\Gadu-Gadu
    2008-07-26 20:18:15 0 d-------- C:\Users\All Users\ZoomBrowser
    2008-07-26 18:55:13 0 d-------- C:\Program Files\Common Files\Adobe AIR
    2008-07-26 18:54:22 0 d-------- C:\Users\All Users\Adobe
    2008-07-26 18:54:08 0 d-------- C:\Program Files\Common Files\Adobe
    2008-07-26 18:52:13 0 d-------- C:\Users\All Users\NOS
    2008-07-26 18:52:11 0 d-------- C:\Program Files\NOS
    2008-07-24 12:48:21 0 d-------- C:\Program Files\SmartFTP Client
    2008-07-24 12:47:58 0 d-------- C:\Program Files\SmartFTP Client 3.0 Setup Files
    2008-07-24 10:06:00 0 d-------- C:\Program Files\Nortel Networks
    2008-07-23 20:11:29 0 d-------- C:\Users\owner\Gadu-Gadu
    2008-07-23 20:11:24 0 d-------- C:\Program Files\Gadu-Gadu
    2008-07-23 20:09:51 0 d-------- C:\Windows\system32\Macromed
    2008-07-23 19:57:31 0 d--h----- C:\Users\All Users\CanonBJ
    2008-07-23 19:57:20 0 d--h----- C:\Windows\system32\CanonIJ Uninstaller Information
    2008-07-23 19:56:39 0 d--h----- C:\Program Files\CanonBJ
    2008-07-23 19:49:22 0 d-------- C:\Program Files\CD-LabelPrint
    2008-07-22 21:30:47 0 dr------- C:\Users\Marcin\Searches
    2008-07-22 21:30:42 0 dr------- C:\Users\Marcin\Contacts
    2008-07-22 21:30:32 0 d--hs---- C:\Users\Marcin\Templates
    2008-07-22 21:30:32 0 d--hs---- C:\Users\Marcin\Start Menu
    2008-07-22 21:30:32 0 d--hs---- C:\Users\Marcin\SendTo
    2008-07-22 21:30:32 0 d--hs---- C:\Users\Marcin\Recent
    2008-07-22 21:30:32 0 d--hs---- C:\Users\Marcin\PrintHood
    2008-07-22 21:30:32 0 d--hs---- C:\Users\Marcin\NetHood
    2008-07-22 21:30:32 0 d--hs---- C:\Users\Marcin\My Documents
    2008-07-22 21:30:32 0 d--hs---- C:\Users\Marcin\Local Settings
    2008-07-22 21:30:32 0 d--hs---- C:\Users\Marcin\Cookies
    2008-07-22 21:30:32 0 d--hs---- C:\Users\Marcin\Application Data
    2008-07-22 21:30:31 0 dr------- C:\Users\Marcin\Videos
    2008-07-22 21:30:31 0 dr------- C:\Users\Marcin\Saved Games
    2008-07-22 21:30:31 0 dr------- C:\Users\Marcin\Pictures
    2008-07-22 21:30:31 1048576 --ahs---- C:\Users\Marcin\ntuser.dat
    2008-07-22 21:30:31 0 dr------- C:\Users\Marcin\Music
    2008-07-22 21:30:31 0 dr------- C:\Users\Marcin\Links
    2008-07-22 21:30:31 0 dr------- C:\Users\Marcin\Favorites
    2008-07-22 21:30:31 0 dr------- C:\Users\Marcin\Downloads
    2008-07-22 21:30:31 0 dr------- C:\Users\Marcin\Documents
    2008-07-22 21:30:31 0 dr------- C:\Users\Marcin\Desktop
    2008-07-22 21:30:31 0 d--h----- C:\Users\Marcin\AppData
    2008-07-22 20:37:06 0 d-------- C:\Program Files\Common Files\L&H
    2008-07-22 20:36:58 0 d-------- C:\Program Files\Microsoft ActiveSync
    2008-07-22 20:36:37 0 d-------- C:\Program Files\Microsoft Works
    2008-07-22 20:36:23 0 d-------- C:\Program Files\Microsoft.NET
    2008-07-22 20:34:25 0 dr-h----- C:\MSOCache
    2008-07-22 19:44:08 56 --ah----- C:\Windows\system32\ezsidmv.dat
    2008-07-22 19:42:39 0 d-------- C:\Program Files\Skype
    2008-07-22 19:42:38 0 d-------- C:\Program Files\Common Files\Skype
    2008-07-22 19:42:36 0 d-------- C:\Users\All Users\Skype
    2008-07-22 19:23:20 0 d-------- C:\Program Files\Common Files\PX Storage Engine
    2008-07-22 19:22:15 0 d-------- C:\Windows\system32\drivers\Avg
    2008-07-22 19:22:11 0 d-------- C:\Program Files\AVG
    2008-07-22 19:22:10 0 d-------- C:\Users\All Users\avg8
    2008-07-22 19:18:03 0 d-------- C:\Users\All Users\Google
    2008-07-22 19:18:02 0 d-------- C:\Program Files\Google
    2008-07-22 18:58:29 2494464 --a------ C:\Windows\system32\WLANPRO.exe <Not Verified; ; WLANMON>
    2008-07-22 18:58:29 90112 --a------ C:\Windows\system32\oemres.dll <Not Verified; Atheros Communications, Inc.; oemres>
    2008-07-22 18:58:29 651264 --a------ C:\Windows\system32\libeay32.dll
    2008-07-22 18:58:29 43264 --a------ C:\Windows\system32\drivers\athfmwdl.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
    2008-07-22 18:58:29 283904 --a------ C:\Windows\system32\drivers\ar5523.sys <Not Verified; ; Wireless Network USB Dongle>
    2008-07-22 18:58:29 143632 --a------ C:\Windows\system32\drivers\ar5523.bin
    2008-07-22 18:58:29 186880 --a------ C:\Windows\system32\athfmwdl.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
    2008-07-22 18:58:29 409600 --a------ C:\Windows\system32\athcfg11.dll <Not Verified; Atheros; Atheros Configuration API Dynamic Link Library>
    2008-07-22 18:58:29 285952 --a------ C:\Windows\system32\ar55239x.sys <Not Verified; ; Wireless Network USB Dongle>
    2008-07-22 18:58:29 143536 --a------ C:\Windows\system32\ar5523.bin
    2008-07-22 18:58:29 61 --a------ C:\Windows\system32\acs.bat
    2008-07-22 18:58:29 0 d-------- C:\Program Files\Uninstall
    2008-07-22 18:58:28 147456 --a------ C:\Windows\system32\ssleay32.dll
    2008-07-22 18:58:28 2655 --a------ C:\Windows\system32\arccsel.dat
    2008-07-22 18:58:28 110592 --a------ C:\Windows\system32\AegisI5.exe <Not Verified; ; AegisInstall Application>
    2008-07-22 18:58:28 114688 --a------ C:\Windows\system32\AegisI2.exe <Not Verified; ; AegisInstall Application>
    2008-07-22 18:58:28 843776 --a------ C:\Windows\system32\AegisE5.dll <Not Verified; Meetinghouse Data Communications; AEGIS Client API>
    2008-07-22 18:58:28 847872 --a------ C:\Windows\system32\AegisE4.dll <Not Verified; Meetinghouse Data Communications; AEGIS Client API>
    2008-07-22 18:58:28 770048 --a------ C:\Windows\system32\AegisE2.dll <Not Verified; Meetinghouse Data Communications; AEGIS Client API>
    2008-07-22 18:58:28 967 --a------ C:\Windows\system32\acs.pif
    2008-07-22 18:58:28 36864 --a------ C:\Windows\system32\acs.exe
    2008-07-22 18:58:28 0 d-------- C:\Program Files\108Mbps Wireless Network USB Dongle
    2008-07-21 21:12:21 0 d-------- C:\Program Files\VNC4
    2008-07-21 20:37:18 81920 -----n--- C:\Windows\system32\vdrmux.dll <Not Verified; Pinnacle Systems; Pinnacle Systems vdrmux>
    2008-07-21 20:37:18 155721 -----n--- C:\Windows\system32\RALMain.dll <Not Verified; Pinnacle Systems GmbH; Register Abstraction Layer>
    2008-07-21 20:37:18 294912 -----n--- C:\Windows\system32\pvmjpg21.dll <Not Verified; Pegasus Imaging Corporation; PICVideo>
    2008-07-21 20:37:18 44544 -----n--- C:\Windows\system32\msxml4a.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
    2008-07-21 20:37:18 73728 -----n--- C:\Windows\system32\MMAviAx.dll <Not Verified; Pinnacle Systems GmbH; miroVIDEO MFP>
    2008-07-21 20:37:18 32768 -----n--- C:\Windows\system32\MLPagAx.dll <Not Verified; Pinnacle Systems GmbH; MLPag DLL>
    2008-07-21 20:37:18 40960 -----n--- C:\Windows\system32\langserv.dll <Not Verified; Pinnacle Systems GmbH; miroVIDEO LangServ>
    2008-07-21 20:37:18 204881 -----n--- C:\Windows\system32\DiskIO.dll <Not Verified; Pinnacle Systems GmbH; Media File Sequencer>
    2008-07-21 20:37:18 32838 -----n--- C:\Windows\system32\Cachex.dll <Not Verified; Pinnacle Systems GmbH; Cache DLL>
    2008-07-21 20:37:18 114759 -----n--- C:\Windows\system32\Aviprax.dll <Not Verified; Pinnacle Systems GmbH; miroVIDEO AFP>
    2008-07-21 20:35:40 0 d-------- C:\Users\All Users\SmartSound Software Inc
    2008-07-21 20:35:40 0 d-------- C:\Program Files\SmartSound Software
    2008-07-21 20:34:44 86016 --a------ C:\Windows\unvise32qt.exe <Not Verified; MindVision; Installer VISE 2.8.3>
    2008-07-21 20:34:39 0 d-------- C:\Windows\system32\QuickTime
    2008-07-21 20:34:39 0 d-------- C:\Users\All Users\QuickTime
    2008-07-21 20:34:39 0 d-------- C:\Program Files\QuickTime
    2008-07-21 20:32:06 11264 --a------ C:\Windows\system32\drivers\asapiW2k.sys <Not Verified; Pinnacle Systems GmbH; asapi>
    2008-07-21 20:32:05 406016 --a------ C:\Windows\system32\PSDrvCheck.exe
    2008-07-21 20:32:05 19456 --a------ C:\Windows\system32\asapi.dll <Not Verified; VoB Computersysteme GmbH; >
    2008-07-21 20:32:04 90112 --a------ C:\Windows\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
    2008-07-21 20:30:52 49152 --a------ C:\Windows\system32\PCLEGetGuid.dll <Not Verified; Pinnacle Systems; Guid_dll>
    2008-07-21 20:27:26 0 d-------- C:\Users\All Users\Pinnacle
    2008-07-21 20:27:22 0 d-------- C:\Program Files\Pinnacle
    2008-07-21 20:27:07 14165 -----n--- C:\Windows\system32\drivers\Pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>
    2008-07-21 20:23:01 0 -rahs---- C:\MSDOS.SYS
    2008-07-21 20:23:01 0 -rahs---- C:\IO.SYS
    2008-07-21 20:11:41 0 d-------- C:\Program Files\Common Files\Canon
    2008-07-21 19:32:23 0 d-------- C:\Users\All Users\SSScanWizard
    2008-07-21 19:32:23 0 d-------- C:\Users\All Users\SSScanAppDataDir
    2008-07-21 19:31:46 0 d-------- C:\Program Files\ScanSoft
    2008-07-21 19:31:46 0 d-------- C:\Program Files\Common Files\ScanSoft Shared
    2008-07-21 19:30:43 212480 --a------ C:\Windows\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
    2008-07-21 19:30:42 0 d-------- C:\Program Files\ArcSoft
    2008-07-21 19:29:24 306688 --a------ C:\Windows\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
    2008-07-21 19:29:02 0 d-------- C:\Windows\StartHtmico
    2008-07-21 19:28:34 0 d-------- C:\Users\john\{9b8c1862-f624-42f9-b482-6d3b0e97360a}
    2008-07-21 19:28:18 8704 --a------ C:\Windows\system32\CNMVS7L.DLL
    2008-07-21 19:27:24 0 d-------- C:\Program Files\Canon
    2008-07-21 09:48:24 0 dr------- C:\Users\john\Searches
    2008-07-21 09:48:14 0 dr------- C:\Users\john\Contacts
    2008-07-21 09:44:46 0 dr------- C:\Users\john\Videos
    2008-07-21 09:44:46 0 d--hs---- C:\Users\john\Templates
    2008-07-21 09:44:46 0 d--hs---- C:\Users\john\Start Menu
    2008-07-21 09:44:46 0 d--hs---- C:\Users\john\SendTo
    2008-07-21 09:44:46 0 dr------- C:\Users\john\Saved Games
    2008-07-21 09:44:46 0 d--hs---- C:\Users\john\Recent
    2008-07-21 09:44:46 0 d--hs---- C:\Users\john\PrintHood
    2008-07-21 09:44:46 0 dr------- C:\Users\john\Pictures
    2008-07-21 09:44:46 1572864 --ahs---- C:\Users\john\ntuser.dat
    2008-07-21 09:44:46 0 d--hs---- C:\Users\john\NetHood
    2008-07-21 09:44:46 0 d--hs---- C:\Users\john\My Documents
    2008-07-21 09:44:46 0 dr------- C:\Users\john\Music
    2008-07-21 09:44:46 0 d--hs---- C:\Users\john\Local Settings
    2008-07-21 09:44:46 0 dr------- C:\Users\john\Links
    2008-07-21 09:44:46 0 dr------- C:\Users\john\Favorites
    2008-07-21 09:44:46 0 dr------- C:\Users\john\Downloads
    2008-07-21 09:44:46 0 dr------- C:\Users\john\Documents
    2008-07-21 09:44:46 0 dr------- C:\Users\john\Desktop
    2008-07-21 09:44:46 0 d--hs---- C:\Users\john\Cookies
    2008-07-21 09:44:46 0 d--hs---- C:\Users\john\Application Data
    2008-07-21 09:44:46 0 d--h----- C:\Users\john\AppData
    2008-07-21 09:42:48 0 d-------- C:\Windows\SoftwareDistribution
    2008-07-21 09:18:47 0 d-------- C:\Users\All Users\NVIDIA
    2008-07-21 09:05:01 0 d-------- C:\NVIDIA
    2008-07-21 08:39:41 0 d-------- C:\Windows\system32\Atheros_L1e
    2008-07-21 08:39:17 0 d--h----- C:\Program Files\InstallShield Installation Information
    2008-07-21 08:36:49 0 d-------- C:\Program Files\VIA
    2008-07-21 08:36:30 0 d-------- C:\Program Files\Common Files\InstallShield
    2008-07-21 08:34:34 0 d-------- C:\Program Files\Intel
    2008-07-21 08:34:09 0 d-------- C:\Intel
    2008-07-21 07:54:21 0 d-------- C:\Windows\Panther
    2008-07-21 07:54:07 0 d--hs---- C:\Boot
    2008-07-21 07:48:19 0 d-------- C:\Windows\ConfigSetRoot
    2008-07-20 14:24:00 0 dr------- C:\Users\owner\Searches
    2008-07-20 14:23:51 0 dr------- C:\Users\owner\Contacts
    2008-07-20 14:23:40 0 dr------- C:\Users\owner\Videos
    2008-07-20 14:23:40 0 d--hs---- C:\Users\owner\Templates
    2008-07-20 14:23:40 0 d--hs---- C:\Users\owner\Start Menu
    2008-07-20 14:23:40 0 d--hs---- C:\Users\owner\SendTo
    2008-07-20 14:23:40 0 dr------- C:\Users\owner\Saved Games
    2008-07-20 14:23:40 0 d--hs---- C:\Users\owner\Recent
    2008-07-20 14:23:40 0 d--hs---- C:\Users\owner\PrintHood
    2008-07-20 14:23:40 0 dr------- C:\Users\owner\Pictures
    2008-07-20 14:23:40 1048576 --a------ C:\Users\owner\ntuser.dat
    2008-07-20 14:23:40 0 d--hs---- C:\Users\owner\NetHood
    2008-07-20 14:23:40 0 d--hs---- C:\Users\owner\My Documents
    2008-07-20 14:23:40 0 dr------- C:\Users\owner\Music
    2008-07-20 14:23:40 0 d--hs---- C:\Users\owner\Local Settings
    2008-07-20 14:23:40 0 dr------- C:\Users\owner\Links
    2008-07-20 14:23:40 0 dr------- C:\Users\owner\Favorites
    2008-07-20 14:23:40 0 dr------- C:\Users\owner\Downloads
    2008-07-20 14:23:40 0 dr------- C:\Users\owner\Documents
    2008-07-20 14:23:40 0 dr------- C:\Users\owner\Desktop
    2008-07-20 14:23:40 0 d--hs---- C:\Users\owner\Cookies
    2008-07-20 14:23:40 0 d--hs---- C:\Users\owner\Application Data
    2008-07-20 14:23:40 0 d--h----- C:\Users\owner\AppData
    2008-07-20 14:11:45 0 d-------- C:\Users\All Users\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    2008-07-20 14:11:42 0 d-------- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    2008-07-20 14:09:28 0 d-------- C:\Users\All Users\Microsoft Help
    2008-07-20 14:06:50 0 d------c- C:\Windows\system32\DRVSTORE
    2008-07-20 14:06:46 0 d-------- C:\Program Files\MSXML 4.0
    2008-07-20 14:06:43 0 d-------- C:\Windows\PCHEALTH
    2008-07-20 14:06:41 0 d--hs---- C:\Windows\Installer
    2008-07-20 14:06:41 0 d-------- C:\Program Files\Microsoft Windows OneCare Live
    2008-07-20 14:06:40 0 d-------- C:\Users\All Users\ccpreload
    2008-07-20 14:06:23 0 d-------- C:\Windows\Debug
    2008-07-20 14:02:20 0 d-------- C:\Windows\Prefetch
    2008-07-20 14:02:13 0 d--hs---- C:\System Volume Information


    -- Find3M Report ---------------------------------------------------------------

    2008-08-05 20:21:59 0 d-------- C:\Users\john\AppData\Roaming\Skype
    2008-08-05 20:18:46 0 d-------- C:\Users\john\AppData\Roaming\skypePM
    2008-08-04 21:30:00 0 d-------- C:\Users\john\AppData\Roaming\ZoomBrowser EX
    2008-07-30 20:10:15 0 d-------- C:\Program Files\Common Files
    2008-07-27 12:15:35 0 d-------- C:\Users\john\AppData\Roaming\Gadu-Gadu
    2008-07-26 18:55:56 0 d-------- C:\Users\john\AppData\Roaming\Adobe
    2008-07-24 17:50:53 0 d-------- C:\Program Files\Windows Mail
    2008-07-24 12:48:34 0 d-------- C:\Users\john\AppData\Roaming\SmartFTP
    2008-07-24 11:29:02 27203 --a------ C:\Users\john\AppData\Roaming\Personal Address Book.ADR
    2008-07-24 09:26:01 0 d-------- C:\Users\john\AppData\Roaming\Macromedia
    2008-07-23 18:52:15 31920 --a------ C:\Users\john\AppData\Roaming\UserTile.png
    2008-07-23 18:52:15 0 d-------- C:\Users\john\AppData\Roaming\PeerNetworking
    2008-07-22 19:41:35 0 d-------- C:\Users\john\AppData\Roaming\Google
    2008-07-21 19:32:24 0 d-------- C:\Users\john\AppData\Roaming\ScanSoft
    2008-07-21 09:48:16 0 d-------- C:\Users\john\AppData\Roaming\Identities
    2008-05-28 13:00:39 1257 --a------ C:\AppsInstall.bat


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    11/06/2008 10:33 PM 75128 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
    22/07/2008 07:22 PM 2055960 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{A057A204-BACC-4D26-9990-79A187E2698E} "= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [22/07/2008 07:22 PM 2055960]

    [-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
    [HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender "= "C:\Program Files\Windows Defender\MSASCui.exe" [21/01/2008 12:23 PM]
    "HDAudDeck "= "C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe" [14/01/2008 11:26 PM]
    "NvSvc "= "C:\Windows\system32\nvsvc.dll" [11/12/2007 05:06 PM]
    "NvCplDaemon "= "C:\Windows\system32\NvCpl.dll" [11/12/2007 05:06 PM]
    "NvMediaCenter "= "C:\Windows\system32\NvMcTray.dll" [11/12/2007 05:06 PM]
    "OpwareSE2 "= "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [08/05/2003 11:00 AM]
    "OPSE reminder "= "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" [07/07/2003 09:29 AM]
    "PinnacleDriverCheck "= "C:\Windows\system32\PSDrvCheck.exe" [10/03/2004 04:26 PM]
    "QuickTime Task "= "C:\Program Files\QuickTime\qttask.exe" [21/07/2008 08:34 PM]
    "AVG8_TRAY "= "C:\PROGRA~1\AVG\AVG8\avgtray.exe" [22/07/2008 07:22 PM]
    "OneCareUI "= "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [25/06/2008 06:48 AM]
    "Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [12/06/2008 02:38 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "C:\Program Files\Windows Sidebar\sidebar.exe" [21/01/2008 12:23 PM]
    "WindowsWelcomeCenter "= "oobefldr.dll,ShowWelcomeCenter" []
    "ehTray.exe "= "C:\Windows\ehome\ehTray.exe" [21/01/2008 12:25 PM]
    "swg "= "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [22/07/2008 07:18 PM]
    "Skype "= "C:\Program Files\Skype\Phone\Skype.exe" [30/05/2008 03:54 PM]
    "WMPNSCFG "= "C:\Program Files\Windows Media Player\WMPNSCFG.exe" [21/01/2008 12:25 PM]
    "Gadu-Gadu "= "C:\Program Files\Gadu-Gadu\gg.exe" [20/03/2008 08:04 PM]
    "SpybotSD TeaTimer "= "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [07/07/2008 09:42 AM]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    108Mbps Wireless Network USB Dongle Configuration Utility.lnk - C:\Program Files\108Mbps Wireless Network USB Dongle\WLANPRO.exe [22/07/2008 6:58:29 PM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin "=2 (0x2)
    "EnableLUA "=0 (0x0)
    "EnableUIADesktopToggle "=0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "appinit_dlls "=avgrsstx.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @= "Volume shadow copy "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
    @= "IEEE 1394 Bus host controllers "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
    @= "SBP2 IEEE 1394 Devices "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
    @= "SecurityDevices "

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
    LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    C:\Windows\system32\unregmp2.exe /ShowWMP

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



    -- End of Deckard's System Scanner: finished at 2008-08-05 20:25:04 ------------
     
    jpolt,
    #9
  11. 2008/08/05
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    I don't see anything suspect in your log. It appears you've made quite a number of changes recently ..... installing programs and such. It's possible that one of those installations errantly added that entry to your startups. It's also possible that whatever added it, if rogue, has already been removed too. It wouldn't hurt to do an online scan as a double check though. If you're game, instructions below.

    Please scan with Kaspersky WebScanner

    You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
    • The program will launch and then begin downloading the latest definition files:
    • Once the files have been downloaded click on NEXT
    • Now click on Scan Settings
    • In the scan settings make that the following are selected:
      • Scan using the following Anti-Virus database:
      • Extended (if available otherwise Standard)
      • Scan Options:
      • Scan Archives
        Scan Mail Bases
    • Click OK
    • Now under select a target to scan:
      • Select My Computer
    • This will program will start and scan your system.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
      • Now click on the Save as Text button:
    • Save the file to your desktop.

    Post the Kaspersky log here.
     
    noahdfear,
    #10
  12. 2008/08/06
    jpolt

    jpolt Inactive Thread Starter

    Joined:
    2008/01/13
    Messages:
    8
    Likes Received:
    0
    Wednesday, August 06, 2008 9:17:35 PM
    Operating System: Microsoft Windows Vista Home Edition, Service Pack 1 (Build 6001)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 6/08/2008
    Kaspersky Anti-Virus database records: 1060579


    Scan Settings
    Scan using the following antivirus database extended
    Scan Archives true
    Scan Mail Bases true

    Scan Target My Computer
    A:\
    C:\
    D:\

    Scan Statistics
    Total number of scanned objects 80669
    Number of viruses found 0
    Number of infected objects 0
    Number of suspicious objects 0
    Duration of the scan process 00:29:28

    Infected Object Name Virus Name Last Action
    C:\Boot\BCD Object is locked skipped

    C:\Boot\BCD.LOG Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\ClientSD\Ent.dat Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\ClientSD\Prov\prov.xml Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\ClientSD\Prov\service.xml Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\ClientSD\Prov\service.xml.bak Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\ClientSD\Prov\user.xml Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\ClientSD\Prov\user.xml.bak Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\ClientSD\SubInfo.xml Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\Database\edb.log Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\Database\tmp.edb Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\Database\WinSS_st.edb Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\onecaremp_log.bin Object is locked skipped

    C:\Program Files\Microsoft Windows OneCare Live\WinSSSvc_log.bin Object is locked skipped

    C:\ProgramData\avg8\emc\Log\emc.log Object is locked skipped

    C:\ProgramData\avg8\Log\avgcore.log Object is locked skipped

    C:\ProgramData\avg8\Log\avglng.log Object is locked skipped

    C:\ProgramData\avg8\Log\avgrs.log Object is locked skipped

    C:\ProgramData\avg8\Log\avgsched.log Object is locked skipped

    C:\ProgramData\avg8\Log\avgui.log Object is locked skipped

    C:\ProgramData\avg8\Log\avgwd.log Object is locked skipped

    C:\ProgramData\avg8\Log\commonpriv.log Object is locked skipped

    C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\31a39916832079e41167b9d12bbde733_c417d802-d2e0-4fcc-95df-808bedc9b6b9 Object is locked skipped

    C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

    C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

    C:\ProgramData\Microsoft\OneCare Protection\Support\MPLog-07222008-192317.log Object is locked skipped

    C:\ProgramData\Microsoft\Protection Service\edb.log Object is locked skipped

    C:\ProgramData\Microsoft\Protection Service\edbtmp.log Object is locked skipped

    C:\ProgramData\Microsoft\Protection Service\MPSSVCPolicyIdLog.etl Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.12.Crwl Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.12.gthr Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.ci Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wsb Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001A.wid Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy5.gthr Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped

    C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped

    C:\ProgramData\Microsoft\Windows\DRM\drmstore.hds Object is locked skipped

    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\UsrClass.dat{bfd0b6f4-56b3-11dd-92ae-001fc65de7e4}.TM.blf Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\UsrClass.dat{bfd0b6f4-56b3-11dd-92ae-001fc65de7e4}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows\UsrClass.dat{bfd0b6f4-56b3-11dd-92ae-001fc65de7e4}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped

    C:\Users\john\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Object is locked skipped

    C:\Users\john\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\call256.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\callmember256.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\chat512.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\chatmember256.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\chatmsg256.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\chatmsg512.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\contactgroup256.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\dyncontent\bundle.dat Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\index2.dat Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\profile16384.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\user1024.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\user16384.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\user256.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\user4096.dbb Object is locked skipped

    C:\Users\john\AppData\Roaming\Skype\jpoltora1\voicemail256.dbb Object is locked skipped

    C:\Users\john\ntuser.dat Object is locked skipped

    C:\Users\john\ntuser.dat.LOG1 Object is locked skipped

    C:\Users\john\ntuser.dat.LOG2 Object is locked skipped

    C:\Users\john\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped

    C:\Users\john\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped

    C:\Users\john\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008080620080807\index.dat Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat{13990c29-5612-11dd-a62b-a953dfb873f9}.TM.blf Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat{13990c29-5612-11dd-a62b-a953dfb873f9}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows\UsrClass.dat{13990c29-5612-11dd-a62b-a953dfb873f9}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped

    C:\Users\owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Object is locked skipped

    C:\Users\owner\AppData\Local\Temp\~DF6EFC.tmp Object is locked skipped

    C:\Users\owner\AppData\Local\Temp\~DF76C9.tmp Object is locked skipped

    C:\Users\owner\AppData\Local\Temp\~DFCA11.tmp Object is locked skipped

    C:\Users\owner\AppData\Local\Temp\~DFFD0D.tmp Object is locked skipped

    C:\Users\owner\AppData\Roaming\Microsoft\Templates\Normal.dot Object is locked skipped

    C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped

    C:\Users\owner\AppData\Roaming\Microsoft\Word\AutoRecovery save of McDonaldization.asd Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\call256.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\callmember256.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\chat512.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\chatmember256.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\chatmsg256.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\chatmsg512.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\contactgroup256.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\dyncontent\bundle.dat Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\index2.dat Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\profile16384.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\user1024.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\user16384.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\user256.dbb Object is locked skipped

    C:\Users\owner\AppData\Roaming\Skype\jpoltora1\voicemail256.dbb Object is locked skipped

    C:\Users\owner\Desktop\McDonaldization.doc Object is locked skipped

    C:\Users\owner\ntuser.dat Object is locked skipped

    C:\Users\owner\ntuser.dat.LOG1 Object is locked skipped

    C:\Users\owner\ntuser.dat.LOG2 Object is locked skipped

    C:\Users\owner\NTUSER.DAT{8f39f735-57cc-11dd-9d7f-001fc65de7e4}.TM.blf Object is locked skipped

    C:\Users\owner\NTUSER.DAT{8f39f735-57cc-11dd-9d7f-001fc65de7e4}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped

    C:\Users\owner\NTUSER.DAT{8f39f735-57cc-11dd-9d7f-001fc65de7e4}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped

    C:\Windows\Debug\PASSWD.LOG Object is locked skipped

    C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped

    C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Object is locked skipped

    C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Object is locked skipped

    C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WindowsUpdate.log Object is locked skipped

    C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT Object is locked skipped

    C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 Object is locked skipped

    C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2 Object is locked skipped

    C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped

    C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped

    C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped

    C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT Object is locked skipped

    C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 Object is locked skipped

    C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2 Object is locked skipped

    C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{1f5299f0-5eb1-11dd-a22c-444553544200}.TM.blf Object is locked skipped

    C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{1f5299f0-5eb1-11dd-a22c-444553544200}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped

    C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{1f5299f0-5eb1-11dd-a22c-444553544200}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped

    C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped

    C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped

    C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped

    C:\Windows\System32\catroot2\edb.log Object is locked skipped

    C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped

    C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped

    C:\Windows\System32\config\COMPONENTS Object is locked skipped

    C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped

    C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped

    C:\Windows\System32\config\DEFAULT Object is locked skipped

    C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped

    C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped

    C:\Windows\System32\config\RegBack\COMPONENTS Object is locked skipped

    C:\Windows\System32\config\RegBack\DEFAULT Object is locked skipped

    C:\Windows\System32\config\RegBack\SAM Object is locked skipped

    C:\Windows\System32\config\RegBack\SECURITY Object is locked skipped

    C:\Windows\System32\config\RegBack\SOFTWARE Object is locked skipped

    C:\Windows\System32\config\RegBack\SYSTEM Object is locked skipped

    C:\Windows\System32\config\SAM Object is locked skipped

    C:\Windows\System32\config\SAM.LOG1 Object is locked skipped

    C:\Windows\System32\config\SAM.LOG2 Object is locked skipped

    C:\Windows\System32\config\SECURITY Object is locked skipped

    C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped

    C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped

    C:\Windows\System32\config\SOFTWARE Object is locked skipped

    C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped

    C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped

    C:\Windows\System32\config\SYSTEM Object is locked skipped

    C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped

    C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped

    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped

    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped

    C:\Windows\System32\config\TxR\{1f5299da-5eb1-11dd-a22c-444553544200}.TxR.0.regtrans-ms Object is locked skipped

    C:\Windows\System32\config\TxR\{1f5299da-5eb1-11dd-a22c-444553544200}.TxR.1.regtrans-ms Object is locked skipped

    C:\Windows\System32\config\TxR\{1f5299da-5eb1-11dd-a22c-444553544200}.TxR.2.regtrans-ms Object is locked skipped

    C:\Windows\System32\config\TxR\{1f5299da-5eb1-11dd-a22c-444553544200}.TxR.blf Object is locked skipped

    C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped

    C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped

    C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped

    C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped

    C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped

    C:\Windows\System32\Msdtc\KtmRmTm.blf Object is locked skipped

    C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000001 Object is locked skipped

    C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000002 Object is locked skipped

    C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped

    C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped

    C:\Windows\System32\wbem\repository\INDEX.BTR Object is locked skipped

    C:\Windows\System32\wbem\repository\MAPPING1.MAP Object is locked skipped

    C:\Windows\System32\wbem\repository\MAPPING2.MAP Object is locked skipped

    C:\Windows\System32\wbem\repository\OBJECTS.DATA Object is locked skipped

    C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl.002 Object is locked skipped

    C:\Windows\System32\wfp\wfpdiag.etl Object is locked skipped

    C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\MSFWSVC.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped

    C:\Windows\System32\winevt\Logs\Windows OneCare.evtx Object is locked skipped

    C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped

    C:\Windows\WindowsUpdate.log Object is locked skipped

    Scan process completed.
     
    jpolt,
    #11
  13. 2008/08/07
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    All good there. Everything working as it should?
     
    noahdfear,
    #12
  14. 2008/08/07
    jpolt

    jpolt Inactive Thread Starter

    Joined:
    2008/01/13
    Messages:
    8
    Likes Received:
    0
    Thanks, it is I don't getting any more MFC error the only think I can think off is that as you spotted I did install few things (this is new machine) and I did copy few things from my old PC HD so it could be some rubbish from old PC.
     
    jpolt,
    #13
  15. 2008/08/07
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    I'll mark this topic resolved then. You're quite welcome. Glad I could help. :)
     
    noahdfear,
    #14

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...