Tech Support Forum banner
Status
Not open for further replies.
1 - 3 of 3 Posts

Discussion Starter · #1 ·
This is my first post at this forum.
I do expect to receive response(s) from you guys...
Thanks in advance...

This is my problem:
> My computer restarts unexpectedly
> It restarts always when I use Microsoft Word and Firefox
> Sometimes it restarts in different programs
> Before it restarts, it will turn to black for 2-3 seconds
> Sometimes when it turns to black, there appear dotted colors (but this is seldom)
> Sometimes when it turns to black, the mouse pointer becomes big, and after that the computer restarts.
> Sometimes the Num Lock key doesn't work and the mouse pointer can't be moved; that's the time I know my computer will restart again :( :( :(

Here is the log:


Deckard's System Scanner v20071014.68
Run by RiChaRD on 2008-06-12 17:45:19
Computer is in Normal Mode.
--------------------------------------------------------------------------------

System Drive C: has 2.26 GiB (less than 15%) free.


-- HijackThis (run as RiChaRD.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:47:13 Chad, on 6/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GizmoPlugin\GizmoPlugin.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Nokia\Tools\NclTray.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\PC Suite for Nokia 6600\connmngmntbox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nokia\PC Suite for Nokia 6600\ectaskscheduler.exe
C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe
C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe
C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Yahoo!\Companion\Installs\cpn0\ytbb.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Documents and Settings\RiChaRD\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\RiChaRD.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\Tools\NclTray.exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = ?
O4 - Global Startup: PCSuiteForNokia6600 Detect.lnk = ?
O4 - Global Startup: PCSuiteForNokia6600 TS.lnk = ?
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.ph/com/EGamesPlugin.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1208684133671
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gizmo VoIP Service (Gizmo Plugin) - SIPphone, Inc. - C:\Program Files\GizmoPlugin\GizmoPlugin.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe

--
End of file - 9584 bytes

-- Files created between 2008-05-12 and 2008-06-12 -----------------------------

2008-06-12 17:26:12 0 d-------- C:\ZonedOut
2008-06-12 17:22:31 0 d-------- C:\Program Files\SpywareBlaster
2008-06-12 17:19:58 0 d-------- C:\ie-spyad_zo
2008-06-12 16:45:58 0 d-------- C:\Program Files\EsetOnlineScanner
2008-06-12 16:23:49 0 d-------- C:\Program Files\Trend Micro
2008-06-12 15:32:30 0 dr-h----- C:\Documents and Settings\RiChaRD\Recent
2008-06-11 22:11:15 0 d-------- C:\Program Files\Design Science
2008-06-11 22:11:10 16384 --a------ C:\WINDOWS\system32\FileOps.exe
2008-06-11 22:11:03 0 d-------- C:\Program Files\English Master
2008-06-11 20:18:59 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2008-06-10 14:01:47 0 d-------- C:\WINDOWS\Ulead.dat
2008-06-09 16:02:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Macrovision
2008-06-09 15:58:22 0 d-------- C:\Program Files\Common Files\Macromedia Shared
2008-06-09 15:51:14 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Uniblue
2008-06-09 10:09:47 0 d-------- C:\Program Files\Callum Haywood
2008-06-08 17:39:46 86016 --a------ C:\WINDOWS\system32\gigagetbho_v10.dll <Not Verified; Giganology Inc.; GigagetBHO Module>
2008-06-08 17:39:41 0 d-------- C:\Program Files\Giganology
2008-06-08 10:30:44 0 d-------- C:\Program Files\DAP
2008-06-08 07:10:56 0 d-------- C:\Program Files\Common Files\L&H
2008-06-08 07:09:54 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-08 07:07:13 0 d-------- C:\Program Files\Microsoft Works
2008-06-08 07:05:37 0 d-------- C:\WINDOWS\SHELLNEW
2008-06-08 07:05:25 0 d-------- C:\Program Files\Microsoft.NET
2008-06-08 06:52:38 0 dr-h----- C:\MSOCache
2008-06-07 21:45:47 34 --ah----- C:\WINDOWS\system32\DVDRippper_sysquict.dat
2008-06-07 21:45:38 0 d-------- C:\Program Files\Abcc Free Youtube FLV Video Downloader&Converter
2008-06-07 21:45:05 0 d-------- C:\Program Files\XP Codec Pack
2008-06-07 20:51:22 0 d-------- C:\Program Files\vixy.net
2008-06-07 17:58:14 0 d-------- C:\Program Files\L-NU
2008-06-06 14:28:06 0 d-------- C:\Program Files\e-Games
2008-06-06 07:51:21 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-06-05 10:45:51 0 d-------- C:\Program Files\Delta
2008-06-05 10:27:22 0 d-------- C:\Program Files\bleem
2008-06-05 09:49:08 0 d-------- C:\Program Files\thriXXX
2008-06-04 18:32:45 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Help
2008-06-03 15:11:57 0 d-------- C:\Program Files\IrfanView
2008-06-01 21:56:38 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Nero
2008-06-01 21:53:22 0 d-------- C:\Program Files\Nero
2008-06-01 21:53:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-01 21:53:21 0 d-------- C:\Program Files\Common Files\Nero
2008-06-01 13:04:52 216064 --a------ C:\WINDOWS\iun3405.exe <Not Verified; Indigo Rose Corporation; Indigo Rose Corporation unin32>
2008-05-31 09:34:22 0 d-------- C:\Program Files\filehippo.com
2008-05-30 17:36:12 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\U3
2008-05-30 16:47:36 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-05-30 16:36:12 0 d-------- C:\Program Files\Bonjour
2008-05-30 16:21:34 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-05-30 11:51:17 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Media Player Classic
2008-05-30 08:08:44 347136 --a------ C:\Documents and Settings\RiChaRD\legion.dll
2008-05-27 06:11:35 48 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-05-27 06:11:34 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\skypePM
2008-05-27 06:10:35 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Skype
2008-05-27 06:10:11 0 d-------- C:\Program Files\Skype
2008-05-27 06:10:10 0 d-------- C:\Program Files\Common Files\Skype
2008-05-27 06:09:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-05-26 22:52:10 0 d-------- C:\Documents and Settings\All Users\Application Data\5554df5
2008-05-26 22:50:23 0 d-------- C:\Program Files\79A8F
2008-05-26 20:07:11 0 d-------- C:\Program Files\Free Keylogger
2008-05-26 18:17:10 9452 --a------ C:\Documents and Settings\All Users\Application Data\keyslite.dat
2008-05-25 09:41:09 0 d-------- C:\Program Files\GizmoPlugin
2008-05-24 20:50:49 0 d-------- C:\Documents and Settings\VISITORS\Application Data\WinRAR
2008-05-24 18:07:18 75 --a------ C:\Documents and Settings\All Users\Application Data\kldata.dat
2008-05-24 09:33:15 0 d-------- C:\Documents and Settings\VISITORS\Application Data\Winamp
2008-05-23 18:41:31 0 d-------- C:\Documents and Settings\RiChaRD\Contacts
2008-05-23 10:02:28 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-05-23 10:02:11 0 d-------- C:\Program Files\Windows Live
2008-05-23 10:01:53 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-23 09:58:42 0 d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-05-23 09:18:07 0 d-------- C:\Documents and Settings\VISITORS\ChikkaDefault
2008-05-22 17:52:48 0 d-------- C:\Program Files\FLVPlayer
2008-05-22 17:02:14 0 d-------- C:\Program Files\Photo Story 3 for Windows
2008-05-22 16:37:08 0 d-------- C:\Program Files\Windows Media Connect 2
2008-05-22 16:34:25 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-21 21:15:49 131584 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2008-05-21 20:55:01 0 d-------- C:\Program Files\Microsoft SMS Sender
2008-05-17 13:54:02 487479 --a------ C:\WINDOWS\system32\SkinMagic.dll <Not Verified; Appspeed Inc.; Appspeed SkinMagic Toolkit>
2008-05-17 13:54:02 60273 --a------ C:\WINDOWS\system32\pthreadGC2.dll <Not Verified; Open Source Software community project; >
2008-05-17 13:54:02 719872 --a------ C:\WINDOWS\system32\devil.dll <Not Verified; Abysmal Software; Developer's Image Library (DevIL)>
2008-05-17 13:54:02 313344 --a------ C:\WINDOWS\system32\avisynth.dll <Not Verified; The Public; Avisynth 2.5>
2008-05-17 13:54:01 0 d-------- C:\WINDOWS\system32\avsplugin
2008-05-17 13:54:01 7277568 --a------ C:\WINDOWS\system32\3gpcore.dll
2008-05-17 13:54:01 0 d-------- C:\Program Files\Smallvideosoft
2008-05-17 12:06:15 0 d-------- C:\Documents and Settings\VISITORS\Application Data\Mozilla
2008-05-17 11:45:26 0 d-------- C:\Documents and Settings\VISITORS\Application Data\Macromedia
2008-05-17 11:45:20 0 d-------- C:\Documents and Settings\VISITORS\Application Data\Adobe
2008-05-17 11:45:04 0 d-------- C:\Documents and Settings\VISITORS\Application Data\Yahoo!
2008-05-17 11:45:02 0 d-------- C:\Documents and Settings\VISITORS\Application Data\AVGTOOLBAR
2008-05-17 11:43:18 0 d-------- C:\Documents and Settings\VISITORS\Application Data\SiteAdvisor
2008-05-17 11:43:18 0 d-------- C:\Documents and Settings\VISITORS\Application Data\Orbit
2008-05-17 11:43:17 0 d-------- C:\Documents and Settings\VISITORS\Phone Browser
2008-05-17 11:43:01 0 d-------- C:\Documents and Settings\VISITORS\Application Data\Identities
2008-05-17 11:42:47 0 d--h----- C:\Documents and Settings\VISITORS\Templates
2008-05-17 11:42:47 0 dr------- C:\Documents and Settings\VISITORS\Start Menu
2008-05-17 11:42:47 0 dr-h----- C:\Documents and Settings\VISITORS\SendTo
2008-05-17 11:42:47 0 d--h----- C:\Documents and Settings\VISITORS\PrintHood
2008-05-17 11:42:47 1310720 --ah----- C:\Documents and Settings\VISITORS\NTUSER.DAT
2008-05-17 11:42:47 0 d--h----- C:\Documents and Settings\VISITORS\NetHood
2008-05-17 11:42:47 0 dr------- C:\Documents and Settings\VISITORS\My Documents
2008-05-17 11:42:47 0 d--h----- C:\Documents and Settings\VISITORS\Local Settings
2008-05-17 11:42:47 0 dr------- C:\Documents and Settings\VISITORS\Favorites
2008-05-17 11:42:47 0 d-------- C:\Documents and Settings\VISITORS\Desktop
2008-05-17 11:42:47 0 d--hs---- C:\Documents and Settings\VISITORS\Cookies
2008-05-17 11:42:47 0 dr-h----- C:\Documents and Settings\VISITORS\Application Data
2008-05-17 11:42:47 0 d---s---- C:\Documents and Settings\VISITORS\Application Data\Microsoft
2008-05-16 17:15:35 0 d-------- C:\Documents and Settings\RiChaRD\.SunDownloadManager
2008-05-15 20:07:44 0 d-------- C:\WINDOWS\system32\LogFiles
2008-05-15 18:37:00 0 d-------- C:\Program Files\FlashGet
2008-05-15 18:36:06 0 d-------- C:\Program Files\MSECache
2008-05-15 10:26:25 0 d-------- C:\Program Files\InstantBoss


-- Find3M Report ---------------------------------------------------------------

2008-06-12 17:25:11 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Orbit
2008-06-12 12:28:08 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\LimeWire
2008-06-11 22:11:10 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-11 20:17:20 0 d-------- C:\Program Files\LimeWire
2008-06-11 14:05:24 0 d-------- C:\Program Files\3GP Player
2008-06-09 16:02:38 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Macromedia
2008-06-09 15:58:41 0 d-------- C:\Program Files\Opera 9.5 beta
2008-06-09 15:58:22 0 d-------- C:\Program Files\Common Files
2008-06-09 15:55:53 0 d-------- C:\Program Files\Macromedia
2008-06-09 15:55:53 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-08 08:25:05 0 d-------- C:\Program Files\7-Zip
2008-06-07 20:52:35 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\SiteAdvisor
2008-06-06 11:46:55 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Adobe
2008-06-04 07:09:47 0 d-------- C:\Program Files\Codec Pack - All In 1
2008-06-04 07:09:29 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-05-25 08:57:07 0 d-------- C:\Program Files\SiteAdvisor
2008-05-24 10:49:05 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\AVGTOOLBAR
2008-05-22 17:20:48 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Audacity
2008-05-21 15:46:52 0 d-------- C:\Program Files\Notepad++
2008-05-20 16:17:36 0 d-------- C:\Program Files\nLite
2008-05-07 18:40:31 0 d-------- C:\Program Files\Java
2008-05-01 21:37:54 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Notepad++
2008-04-30 06:23:39 0 d-------- C:\Program Files\Imikimi
2008-04-28 21:21:09 0 d-------- C:\Program Files\AVG
2008-04-27 19:43:43 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Opera
2008-04-26 21:00:51 0 d-------- C:\Program Files\glassfish-v2
2008-04-26 10:25:42 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\DeepBurner
2008-04-20 20:11:38 0 d-------- C:\Program Files\Winamp
2008-04-20 20:00:57 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Winamp
2008-04-20 10:08:22 0 d-------- C:\Program Files\Learn Typing Quick & Easy
2008-04-19 20:17:09 0 d-------- C:\Program Files\NetBeans 6.0
2008-04-19 20:16:20 0 d-------- C:\Program Files\Apache Software Foundation
2008-04-19 15:20:56 0 d-------- C:\Program Files\ScanDrv6
2008-04-19 14:13:05 0 d-------- C:\Program Files\GabbaSoft
2008-04-19 11:24:48 0 d-------- C:\Program Files\CyberLink
2008-04-19 11:23:51 0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-19 09:58:37 0 d-------- C:\Program Files\CFS-Technologies
2008-04-19 09:45:16 0 d-------- C:\Program Files\Astonsoft
2008-04-18 21:46:59 0 d-------- C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-04-18 20:30:04 0 d-------- C:\Program Files\MSXML 4.0
2008-04-18 05:37:15 0 d-------- C:\Program Files\Intuwave
2008-04-18 05:36:33 0 d-------- C:\Program Files\Common Files\Nokia
2008-04-18 05:36:32 0 d-------- C:\Program Files\Common Files\PCSuite
2008-04-18 05:35:44 0 d-------- C:\Program Files\Nokia
2008-04-15 21:20:21 0 d-------- C:\Program Files\MIKSOFT
2008-04-15 17:09:00 0 d-------- C:\Program Files\Xilisoft
2008-04-14 22:53:41 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\HPAppData
2008-04-14 22:37:02 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\HP
2008-04-14 22:36:48 137623 --a------ C:\WINDOWS\HPHins15.dat
2008-04-14 22:35:17 0 d-------- C:\Program Files\HP
2008-04-14 22:32:48 0 d-------- C:\Program Files\Common Files\HP
2008-04-14 07:40:52 0 d-------- C:\Program Files\Common Files\Macromedia
2008-04-13 11:05:13 0 d-------- C:\Program Files\FLV Player
2008-04-13 08:53:24 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Yahoo!
2008-04-13 07:16:27 0 d-------- C:\Program Files\Acro Software
2008-04-13 06:57:03 0 d-------- C:\Program Files\Sun
2008-04-13 06:53:19 0 d-------- C:\Program Files\Common Files\Java
2008-04-13 06:52:55 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Sun
2008-04-13 06:47:58 0 d-------- C:\Program Files\Vimicro
2008-04-12 19:22:43 0 d-------- C:\Program Files\Common Files\ODBC
2008-04-12 19:22:39 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-04-12 19:22:13 62 --ahs---- C:\Documents and Settings\RiChaRD\Application Data\desktop.ini
2008-04-12 19:06:52 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\WinRAR
2008-04-12 18:57:02 0 d-------- C:\Program Files\C-Media 3D Audio
2008-04-12 18:56:16 0 d-------- C:\Program Files\S3
2008-04-12 18:39:38 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Identities
2008-04-12 18:31:36 0 d-------- C:\Program Files\Windows NT
2008-04-12 18:31:36 0 d-------- C:\Program Files\msn gaming zone
2008-04-12 18:31:36 0 d-------- C:\Program Files\microsoft frontpage
2008-04-12 18:31:10 0 -rahs---- C:\MSDOS.SYS
2008-04-12 18:31:10 0 -rahs---- C:\IO.SYS
2008-04-12 18:31:10 0 --a------ C:\CONFIG.SYS
2008-04-12 18:31:10 0 --a------ C:\AUTOEXEC.BAT
2008-04-12 18:29:45 0 d--h----- C:\Program Files\WindowsUpdate
2008-04-12 18:29:41 0 d-------- C:\Program Files\Online Services
2008-04-12 18:28:56 0 d-------- C:\Program Files\Common Files\MSSoap
2008-04-12 18:28:48 0 d-------- C:\Program Files\Movie Maker
2008-04-12 18:27:54 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-04-12 12:57:09 0 d-------- C:\Program Files\VistaVG Theme for XP [ Uploaded By Ceekeigh ]
2008-04-12 09:22:21 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Talkback
2008-04-12 07:18:26 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-12 07:18:23 0 d-------- C:\Documents and Settings\RiChaRD\Application Data\Mozilla
2008-04-12 07:17:10 0 d-------- C:\Program Files\Yahoo!
2008-04-12 07:04:54 0 d-------- C:\Program Files\Orbitdownloader
2008-04-12 04:32:11 0 d-------- C:\Program Files\Alwil Software
2008-04-12 04:28:49 0 d-------- C:\Program Files\CCleaner
2008-04-12 00:09:09 0 d-------- C:\Program Files\Chikka Messenger


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
04/28/2008 09:21 Chad 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [04/28/2008 09:21 Chad 2050816]

[-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [03/08/2005 03:33 Chad C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [03/11/2005 05:33 Chad C:\WINDOWS\system32\VTTrayp.exe]
"Cmaudio"="cmicnfg.cpl" []
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [12/05/2007 05:03 Chad]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 Chad]
"BluetoothAuthenticationAgent"="bthprops.cpl" [12/31/2002 08:00 Chad C:\WINDOWS\system32\bthprops.cpl]
"Nokia Tray Application"="C:\Program Files\Common Files\Nokia\Tools\NclTray.exe" [12/19/2003 11:38 Chad]
"DataLayer"="C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe" [02/19/2004 04:23 Chad]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [04/28/2008 09:21 Chad]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [12/31/2002 08:00 Chad]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
hpdevmgmt hpqcxs08 hpqddsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{599f65bc-0880-11dd-84de-88e89b903bf0}]
AutoRun\command- F:\bar311.exe %1
Explore\command- F:\bar311.exe %1
Open\command- F:\bar311.exe %1

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cebd1ba8-2e21-11dd-859e-001060abcd13}]
AutoRun\command- F:\LaunchU3.exe -a




-- End of Deckard's System Scanner: finished at 2008-06-12 17:47:39 ------------

extra.txt was already uploaded here :) :) :)
 
