Hi, this is my first time posting here. I found this forum and it seemed very helpful. Last week I was trying to download something through BitTorrent (have since uninstalled it) and after that my computer has been having major issues. At one point I was having a problem with system shutdown associated with the message System Shutdown NT Authority/Shutdown. I have since resolved that issue and run Spybot and AVG virus scan. They found a lot of trojans and stuff. My computer is running better but it is still kind of slow and glitchy. I tried to follow the steps before posting but when I ran gmer.exe my CPU would shut off. It was after I said yes to a full scan. I then ran RSIT.exe and it pulled up the log.txt but not the info.txt. I am going to post that log. I would really appreciate any help. Thank you!!
Logfile of random's system information tool 1.04 (written by random/random)
Run by Owner at 2008-11-10 11:46:19
Microsoft Windows XP Professional Service Pack 3
System drive C: has 151 GB (50%) free of 301 GB
Total RAM: 2046 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:46:24 AM, on 11/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\program files\steam\steam.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\java.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner.Jezebelle\Desktop\RSIT.exe
C:\Program Files\trend micro\Owner.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {2BF8B4D3-5ED9-4979-AE5D-F7CECAA7997E} - C:\WINDOWS\system32\pmkhf.dll (file missing)
O2 - BHO: Rmn plugin - {5beefd1c-446f-48a7-a7c7-c8e5986a9760} - rbsgam.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: 0 - {9142EAD4-C950-42A4-8287-2DA9AD69CF67} - C:\Program Files\Messenger\laguri81.dll (file missing)
O2 - BHO: (no name) - {9FB07BE0-2CBC-4C92-99C8-D6886BBC5DD6} - C:\Program Files\Windows Plus\hote83122.dll (file missing)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {BCC73622-F72D-4277-803C-D65565A0947F} - C:\WINDOWS\system32\opnooon.dll (file missing)
O2 - BHO: {be0bd828-1a10-9128-b764-4375d548b13c} - {c31b845d-5734-467b-8219-01a1828db0eb} - C:\WINDOWS\system32\iqvvrilm.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Ealb] "C:\DOCUME~1\OWNER~1.JEZ\APPLIC~1\FNTS~1\chkdsk.exe" -vt yazb
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\.DEFAULT\..\Run: [Power2GoExpress] NA (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/p.../PCPitStop.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca..._2.3.2.100.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://email3.uncg.edu/dwa7W.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: opnooon - opnooon.dll (file missing)
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - About:Home
--
End of file - 10209 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2BF8B4D3-5ED9-4979-AE5D-F7CECAA7997E}]
C:\WINDOWS\system32\pmkhf.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5beefd1c-446f-48a7-a7c7-c8e5986a9760}]
Rmn plugin - rbsgam.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9142EAD4-C950-42A4-8287-2DA9AD69CF67}]
C:\Program Files\Messenger\laguri81.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FB07BE0-2CBC-4C92-99C8-D6886BBC5DD6}]
C:\Program Files\Windows Plus\hote83122.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-11-08 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-09-09 2554944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll [2007-09-09 654832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BCC73622-F72D-4277-803C-D65565A0947F}]
C:\WINDOWS\system32\opnooon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c31b845d-5734-467b-8219-01a1828db0eb}]
C:\WINDOWS\system32\iqvvrilm.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-09-09 2554944]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-11-08 2055960]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"readericon"=C:\Program Files\Digital Media Reader\readericon45G.exe [2005-12-09 139264]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"nwiz"=nwiz.exe /install []
"Reminder"=C:\WINDOWS\Creator\Remind_XP.exe [2005-02-25 966656]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-14 212992]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"MsgCenterExe"=C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe [2008-08-17 69632]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-12-14 577536]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-11 67488]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-08-17 185896]
"LELA"=C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe [2008-05-01 131072]
"nmctxth"=C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [2008-04-08 648504]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-11-08 1234712]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Aim6"= []
"Ealb"=C:\DOCUME~1\OWNER~1.JEZ\APPLIC~1\FNTS~1\chkdsk.exe -vt yazb []
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe []
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 []
"Steam"=c:\program files\steam\steam.exe [2008-10-08 1410296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\opnooon]
opnooon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{BCC73622-F72D-4277-803C-D65565A0947F}"=C:\WINDOWS\system32\opnooon.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\pmkhf.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0jkxx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ati0jkxx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\Grisoft\AVG7\avgemc.exe"="C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe"="C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Messenger"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Steam\steamapps\desolece\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\desolece\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\WOWoW\Repair.exe"="C:\Program Files\WOWoW\Repair.exe:*:Enabled:Blizzard Repair Utility"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Steam\steamapps\desolece\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\desolece\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:firefox"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"="C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 3 months======
2008-11-10 11:42:07 ----D---- C:\Program Files\trend micro
2008-11-10 11:42:06 ----D---- C:\rsit
2008-11-10 09:39:21 ----A---- C:\WINDOWS\gmer.ini
2008-11-10 09:39:19 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-11-10 09:39:19 ----A---- C:\WINDOWS\gmer.exe
2008-11-10 09:39:19 ----A---- C:\WINDOWS\gmer.dll
2008-11-08 18:37:59 ----HD---- C:\$AVG8.VAULT$
2008-11-08 16:19:01 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-11-08 16:18:43 ----D---- C:\Program Files\AVG
2008-11-08 16:18:42 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-11-08 07:46:00 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2008-11-08 07:31:44 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-11-08 01:08:30 ----D---- C:\Documents and Settings\Owner.Jezebelle\Application Data\AVGTOOLBAR
2008-11-06 11:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-06 05:19:35 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-06 03:50:28 ----A---- C:\WINDOWS\wininit.ini
2008-11-06 02:36:25 ----A---- C:\WINDOWS\system32\alog.txt
2008-11-06 02:26:07 ----A---- C:\WINDOWS\Qzifijolo.dll
2008-11-06 02:26:03 ----A---- C:\WINDOWS\system32\mkrnl.exe
2008-11-06 02:25:31 ----D---- C:\Program Files\Microsoft Common
2008-11-06 02:25:01 ----D---- C:\WINDOWS\system32\QI19
2008-10-20 10:17:14 ----D---- C:\Documents and Settings\Owner.Jezebelle\Application Data\pdf995
2008-10-20 10:17:14 ----A---- C:\WINDOWS\pdf995.ini
2008-10-17 02:01:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-17 02:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-17 02:01:09 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-17 02:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-17 02:00:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-17 02:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-09 02:00:41 ----A---- C:\WINDOWS\system32\javaws.exe
2008-10-09 02:00:41 ----A---- C:\WINDOWS\system32\javaw.exe
2008-10-09 02:00:41 ----A---- C:\WINDOWS\system32\java.exe
2008-09-21 02:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-09-20 15:52:59 ----D---- C:\WINDOWS\Prefetch
2008-09-20 13:07:09 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-09-20 13:07:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-09-20 13

57 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-09-20 13

52 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-09-20 13

47 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-09-20 13

42 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-09-20 13

37 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-09-20 13

32 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-09-20 13

27 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-09-20 13

21 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-09-20 13

16 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-09-20 13

13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-20 13:02:33 ----D---- C:\WINDOWS\system32\scripting
2008-09-20 13:02:33 ----D---- C:\WINDOWS\system32\en
2008-09-20 13:02:33 ----D---- C:\WINDOWS\system32\bits
2008-09-20 13:02:33 ----D---- C:\WINDOWS\l2schemas
2008-09-20 13:00:38 ----D---- C:\WINDOWS\ServicePackFiles
2008-09-20 12:54:36 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-09-15 23:46:41 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-09-15 23:46:38 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-09-15 23:46:35 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-09-15 23:46:35 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-09-15 23:46:31 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-09-15 23:46:31 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-09-15 23:46:29 ----N---- C:\WINDOWS\system32\slserv.exe
2008-09-15 23:46:29 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-09-15 23:46:29 ----N---- C:\WINDOWS\system32\slgen.dll
2008-09-15 23:46:29 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-09-15 23:46:29 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-09-15 23:46:29 ----N---- C:\WINDOWS\slrundll.exe
2008-09-15 23:46:27 ----N---- C:\WINDOWS\system32\setupn.exe
2008-09-15 23:46:27 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-09-15 23:46:26 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-15 23:46:26 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-09-15 23:46:25 ----N---- C:\WINDOWS\system32\qutil.dll
2008-09-15 23:46:25 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-09-15 23:46:25 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-09-15 23:46:25 ----N---- C:\WINDOWS\system32\qagent.dll
2008-09-15 23:46:23 ----N---- C:\WINDOWS\system32\onex.dll
2008-09-15 23:46:20 ----N---- C:\WINDOWS\system32\napstat.exe
2008-09-15 23:46:20 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-09-15 23:46:19 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-09-15 23:46:19 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-09-15 23:46:18 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-15 23:46:18 ----N---- C:\WINDOWS\system32\mssha.dll
2008-09-15 23:46:13 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-09-15 23:46:13 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-15 23:46:13 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-09-15 23:46:13 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-15 23:46:12 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-09-15 23:46:08 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-15 23:46:08 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-09-15 23:46:08 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-09-15 23:46:08 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-15 23:46:08 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-15 23:46:08 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-15 23:46:04 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-09-15 23:46:04 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-09-15 23:46:03 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-09-15 23:46:01 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-09-15 23:46:00 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-09-15 23:46:00 ----A---- C:\WINDOWS\003347_.tmp
2008-09-15 23:45:59 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-09-15 23:45:59 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-09-15 23:45:59 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-09-15 23:45:59 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-09-15 23:45:59 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-09-15 23:45:59 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-09-15 23:45:59 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-15 23:45:59 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-09-15 23:45:58 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-09-15 23:45:58 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-09-15 23:45:58 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-09-15 23:45:58 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-15 23:45:58 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-15 23:45:58 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-15 23:45:58 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-09-15 23:45:57 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-09-15 23:45:57 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-15 23:45:57 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-15 23:45:56 ----N---- C:\WINDOWS\system32\credssp.dll
2008-09-15 23:45:53 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-15 23:45:53 ----N---- C:\WINDOWS\system32\azroles.dll
2008-09-15 23:45:52 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-09-15 23:45:52 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-09-15 23:45:52 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-09-15 23:45:52 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-09-15 23:45:51 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-09-15 23:45:51 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-09-15 23:45:51 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-09-15 23:45:49 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-09-13 03:33:15 ----D---- C:\WINDOWS\system32\LogFiles
2008-09-11 02:00:49 ----D---- C:\Program Files\MSXML 6.0
2008-09-11 02:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2008-09-11 02:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-09-10 20:07:58 ----D---- C:\Program Files\MSBuild
2008-09-10 20

27 ----D---- C:\WINDOWS\system32\XPSViewer
2008-09-10 20:05:52 ----D---- C:\Program Files\Reference Assemblies
2008-09-10 20:05:31 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-09-10 20:05:15 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2008-09-10 20:04:23 ----D---- C:\Documents and Settings\All Users\Application Data\Linksys
2008-09-10 20:03:37 ----D---- C:\Program Files\Common Files\Pure Networks Shared
2008-09-10 20:02:20 ----D---- C:\Program Files\Linksys
2008-09-03 13:02:53 ----D---- C:\Documents and Settings\All Users\Application Data\pdf995
2008-09-03 13:02:53 ----A---- C:\WINDOWS\system32\pdfmona.dll
2008-09-03 13:02:53 ----A---- C:\WINDOWS\system32\pdf995mon.dll
2008-09-03 13:02:36 ----D---- C:\Documents and Settings\Owner.Jezebelle\Application Data\TaxCut
2008-09-03 13:01:57 ----D---- C:\Program Files\TaxCut07
2008-09-03 13:01:57 ----D---- C:\Program Files\PDF995
2008-09-03 13:01:07 ----D---- C:\Documents and Settings\All Users\Application Data\TaxCut
2008-09-03 13:00:18 ----SHD---- C:\WINDOWS\ftpcache
2008-09-02 20:34:18 ----D---- C:\Program Files\Microsoft Games
2008-08-17 23:17:46 ----A---- C:\WINDOWS\cdplayer.ini
2008-08-17 23:17:05 ----D---- C:\Program Files\Common Files\xing shared
2008-08-17 23:16:59 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2008-08-17 23:16:52 ----A---- C:\WINDOWS\system32\pndx5032.dll
2008-08-17 23:16:52 ----A---- C:\WINDOWS\system32\pndx5016.dll
2008-08-17 23:16:51 ----D---- C:\Program Files\Real
2008-08-17 23:16:51 ----A---- C:\WINDOWS\system32\pncrt.dll
2008-08-16 02:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-08-16 02:02:27 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-08-16 02:02:23 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-16 02:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-08-16 02:01:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-16 02:00:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-08-16 02:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-08-16 02:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB953838_0$
======List of files/folders modified in the last 3 months======
2008-11-10 11:42:07 ----AD---- C:\Program Files
2008-11-10 11:36:31 ----D---- C:\Program Files\Mozilla Firefox
2008-11-10 10:20:00 ----D---- C:\WINDOWS\Temp
2008-11-10 10:19:55 ----A---- C:\WINDOWS\ModemLog_Agere Systems PCI-SV92PP Soft Modem.txt
2008-11-10 10:19:53 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-10 10:19:42 ----D---- C:\WINDOWS\Registration
2008-11-10 10:19:17 ----D---- C:\WINDOWS
2008-11-10 10:19:14 ----D---- C:\Program Files\Steam
2008-11-10 10:19:13 ----D---- C:\WINDOWS\system32
2008-11-10 09:44:18 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-10 09:44:17 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-10 09:39:19 ----D---- C:\WINDOWS\system32\drivers
2008-11-10 08:42:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-09 08:13:47 ----HD---- C:\Config.Msi
2008-11-09 08:13:46 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-08 23:28:36 ----SHD---- C:\WINDOWS\Installer
2008-11-08 23:28:36 ----D---- C:\Program Files\Common Files
2008-11-08 23:27:52 ----D---- C:\Program Files\CyberLink
2008-11-08 23:19:48 ----D---- C:\Program Files\Winamp
2008-11-08 16:18:41 ----D---- C:\WINDOWS\WinSxS
2008-11-08 16:18:41 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-11-08 16:18:24 ----SD---- C:\Documents and Settings\Owner.Jezebelle\Application Data\Microsoft
2008-11-08 16:03:55 ----SHD---- C:\System Volume Information
2008-11-08 16:01:58 ----HD---- C:\WINDOWS\inf
2008-11-08 07:50:13 ----D---- C:\ComboFix
2008-11-08 07:33:37 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-08 01:46:10 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-08 01:35:36 ----SHD---- C:\RECYCLER
2008-11-08 00:49:13 ----D---- C:\WINDOWS\system
2008-11-08 00:26:50 ----D---- C:\WINDOWS\system32\Restore
2008-11-06 11:45:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-06 11:45:18 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-06 10:43:26 ----D---- C:\Program Files\Adobe
2008-11-06 05:19:37 ----D---- C:\Program Files\Lavasoft
2008-11-06 04:56:53 ----D---- C:\Program Files\HijackThis
2008-11-06 04:56:47 ----A---- C:\VundoFix.txt
2008-11-06 03:58:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-06 02:25:01 ----D---- C:\Temp
2008-11-05 13:12:35 ----D---- C:\Documents and Settings\Owner.Jezebelle\Application Data\OpenOffice.org2
2008-11-03 11:34:44 ----D---- C:\Documents and Settings
2008-10-17 02:01:21 ----A---- C:\WINDOWS\imsins.BAK
2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-11 11:00:25 ----D---- C:\Documents and Settings\Owner.Jezebelle\Application Data\Image Zone Express
2008-10-11 11:00:24 ----D---- C:\Documents and Settings\Owner.Jezebelle\Application Data\Printer Info Cache
2008-10-09 02:37:27 ----D---- C:\Program Files\LimeWire
2008-10-09 02:00:40 ----D---- C:\Program Files\Java
2008-10-07 14:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-09-20 15:54:55 ----A---- C:\WINDOWS\OEWABLog.txt
2008-09-20 15:53:05 ----A---- C:\WINDOWS\setuplog.txt
2008-09-20 15:52:30 ----D---- C:\WINDOWS\system32\Setup
2008-09-20 15:52:30 ----D---- C:\Program Files\Messenger
2008-09-20 15:52:29 ----D---- C:\WINDOWS\system32\wbem
2008-09-20 15:52:29 ----D---- C:\WINDOWS\AppPatch
2008-09-20 15:52:28 ----RSD---- C:\WINDOWS\Fonts
2008-09-20 15:51:29 ----D---- C:\WINDOWS\security
2008-09-20 13:07:12 ----D---- C:\WINDOWS\system32\CatRoot
2008-09-20 13:05:13 ----RSD---- C:\WINDOWS\assembly
2008-09-20 13:02:52 ----D---- C:\WINDOWS\Help
2008-09-20 13:02:44 ----D---- C:\WINDOWS\system32\inetsrv
2008-09-20 13:02:43 ----D---- C:\WINDOWS\network diagnostic
2008-09-20 13:02:43 ----D---- C:\WINDOWS\ime
2008-09-20 13:02:34 ----D---- C:\WINDOWS\system32\usmt
2008-09-20 13:02:34 ----D---- C:\WINDOWS\system32\en-US
2008-09-20 13:02:33 ----D---- C:\WINDOWS\PeerNet
2008-09-20 13:02:33 ----D---- C:\Program Files\Internet Explorer
2008-09-20 13:02:32 ----D---- C:\Program Files\Movie Maker
2008-09-20 13:00:28 ----D---- C:\WINDOWS\system32\npp
2008-09-20 13:00:28 ----D---- C:\WINDOWS\mui
2008-09-20 13:00:27 ----D---- C:\WINDOWS\msagent
2008-09-20 13:00:25 ----D---- C:\WINDOWS\srchasst
2008-09-20 13:00:23 ----D---- C:\Program Files\NetMeeting
2008-09-20 13:00:22 ----D---- C:\WINDOWS\system32\Com
2008-09-20 13:00:20 ----D---- C:\Program Files\Windows NT
2008-09-20 13:00:19 ----D---- C:\Program Files\Outlook Express
2008-09-20 13:00:16 ----D---- C:\Program Files\Common Files\System
2008-09-20 12:59:59 ----D---- C:\WINDOWS\system32\oobe
2008-09-20 12:54:35 ----D---- C:\WINDOWS\ehome
2008-09-15 23:26:59 ----D---- C:\WINDOWS\Debug
2008-09-15 19:33:55 ----HD---- C:\Documents and Settings\Owner.Jezebelle\Application Data\Move Networks
2008-09-10 21:39:22 ----D---- C:\WINDOWS\Microsoft.NET
2008-09-10 20:05:37 ----D---- C:\WINDOWS\system32\spool
2008-09-10 20:03:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-09-10 20:03:24 ----D---- C:\Documents and Settings\All Users\Application Data\Pure Networks
2008-08-23 11:20:16 ----D---- C:\Documents and Settings\Owner.Jezebelle\Application Data\HP
2008-08-20 00:30:53 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-20 00:30:52 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-20 00:30:51 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-20 00:30:51 ----A---- C:\WINDOWS\system32\shdocvw.dll
2008-08-18 00:20:40 ----D---- C:\Documents and Settings\Owner.Jezebelle\Application Data\Real
2008-08-17 23:17:01 ----D---- C:\Program Files\Common Files\Real
2008-08-14 05:09:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 04:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 avgldx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-11-08 97928]
R1 avgmfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-11-08 26824]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-05-19 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-05-19 2560]
R2 avgtdix;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-11-08 76040]
R2 pnarp;Pure Networks Device Discovery Driver; C:\WINDOWS\system32\DRIVERS\pnarp.sys [2008-04-08 23992]
R2 purendis;Pure Networks Wireless Driver; C:\WINDOWS\system32\DRIVERS\purendis.sys [2008-04-08 25272]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-09-23 1094751]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-12-16 3842560]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 hcwPP2;Hauppauge WinTV PVR PCI II ([23|25|26]xxx); C:\WINDOWS\system32\DRIVERS\hcwPP2.sys [2006-02-23 167808]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-13 42752]
S2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\OWNER~1.JEZ\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-10 85969]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 mxnic;Macronix MX987xx Family Fast Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\mxnic.sys [2001-08-17 19968]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 restore;restore; \??\C:\WINDOWS\system32\drivers\restore.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-11-08 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-11-08 231704]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-12-15 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 LinksysUpdater;Linksys Updater; C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-04-18 204800]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 nmservice;Pure Networks Platform Service; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [2008-04-08 648504]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [2006-05-11 172032]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-01-04 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-09 138680]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
-----------------EOF-----------------