Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Dr watson postmortem debugger problem

Started by Kjetivag , Mar 12 2009 10:24 AM

  • Please log in to reply

#1
Kjetivag
Posted 12 March 2009 - 10:24 AM

Kjetivag

    New Member

  • Member
  • Pip
  • 1 posts
Hi, I'm getting quite frustrated here.

When I open certain folders in my computer, I keep getting system error messages, firstly that windows explorer is having a problem and has to be closed, secondly that dr watson postmortem debugger is having a problem and has to be closed. This all adds up to my computer freezing and needing a reboot.

OTListIt logfile created on: 12.03.2009 17:15:44 - Run 1
OTListIt2 by OldTimer - Version 2.0.3.5 Folder = C:\Documents and Settings\Kjetil Vaage\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000414 | Country: Norway | Language: NOR | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 63,69 Gb Free Space | 42,73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KJETIL
Current User Name: Kjetil Vaage
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
PRC - C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
PRC - C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Kjetil Vaage\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Running]) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Nero BackItUp Scheduler 3 [Auto | Running]) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Running]) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\hpzipm12.dll (Hewlett-Packard)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (b57w2k [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (ENTECH [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ENTECH.sys (EnTech Taiwan)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (n558 [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\n558.sys ()
DRV - (NETw4x32 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NETw4x32.sys (Intel Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (rimmptsk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\rimmptsk.sys (REDC)
DRV - (rimsptsk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys (REDC)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (smserial [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\smserial.sys (Motorola Inc.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (TcUsb [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\tcusb.sys (UPEK Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components -> %ProgramFiles%\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009.03.07 00:43:04 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins -> %ProgramFiles%\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009.03.07 00:43:03 00,000,000 | ---D | M]
FF - C:\Documents and Settings\Kjetil Vaage\Application Data\mozilla\Extensions [2008.12.06 04:26:51 00,000,000 | ---D | M]
FF - C:\Documents and Settings\Kjetil Vaage\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2008.12.06 04:26:51 00,000,000 | ---D | M]
FF - C:\Documents and Settings\Kjetil Vaage\Application Data\mozilla\Firefox\Profiles\ekfjksv0.default\extensions [2008.12.06 04:26:51 00,000,000 | ---D | M]
FF - C:\Program Files\mozilla firefox\extensions [2008.12.06 04:24:04 00,000,000 | ---D | M]
FF - C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009.03.07 00:43:03 00,000,000 | ---D | M]

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Påloggingshjelp for Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 (DT Soft Ltd.)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [Bluetooth Namespace] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009.03.12 16:59:45 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\Rooter.exe
[2009.03.12 16:58:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009.03.12 16:58:28 | 00,497,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kjetil Vaage\Desktop\OTListIt2.exe
[2009.03.12 14:47:25 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009.03.12 14:47:25 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009.03.12 14:47:24 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009.03.12 14:47:23 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009.03.12 14:47:22 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009.03.12 14:47:21 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009.03.12 14:47:21 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009.03.12 14:47:21 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009.03.12 14:47:21 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009.03.12 14:47:02 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009.03.12 14:47:02 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2009.03.12 14:47:02 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009.03.12 14:46:59 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009.03.12 14:40:29 | 04,841,044 | -H-- | C] () -- C:\Documents and Settings\Kjetil Vaage\Local Settings\Application Data\IconCache.db
[2009.03.12 14:38:00 | 31,262,848 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\setupeng.exe
[2009.03.12 14:30:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kjetil Vaage\Application Data\Malwarebytes
[2009.03.12 14:30:58 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.03.12 14:30:58 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.03.12 14:30:55 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.03.12 14:30:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.03.12 14:30:53 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.03.12 14:29:34 | 02,876,720 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Kjetil Vaage\Desktop\mbam-setup.exe
[2009.03.12 14:26:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009.03.12 14:25:21 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\NTREGOPT.lnk
[2009.03.12 14:25:21 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\ERUNT.lnk
[2009.03.12 14:25:19 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009.03.12 14:24:32 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Kjetil Vaage\Desktop\erunt_setup.exe
[2009.03.12 14:12:33 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\HijackThis.lnk
[2009.03.12 14:12:32 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009.03.12 14:12:13 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Kjetil Vaage\Desktop\HJTInstall.exe
[2009.03.10 16:40:53 | 00,000,764 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\My Documents\trening.rtf
[2009.03.10 12:34:51 | 00,018,747 | ---- | C] () -- C:\WINDOWS\System32\HPCEAC06.HPI
[2009.03.10 00:36:15 | 00,002,136 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\My Documents\Rapport utplassering.rtf
[2009.03.10 00:21:19 | 00,000,000 | ---D | C] -- C:\Program Files\NimoCodec Pack
[2009.03.10 00:21:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\quicktime
[2009.03.10 00:21:18 | 00,000,000 | ---D | C] -- C:\Program Files\DivX
[2009.03.09 23:12:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Kjetil Vaage\My Documents\My Videos
[2009.03.09 23:12:27 | 00,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009.03.09 23:12:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009.03.09 23:12:17 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2009.03.09 23:12:17 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2009.03.09 23:12:17 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009.03.09 23:12:17 | 00,000,000 | ---D | C] -- C:\Program Files\Real
[2009.03.09 23:12:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2009.03.09 23:12:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kjetil Vaage\Application Data\Real
[2009.03.09 23:02:47 | 00,297,024 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\My Documents\[OPFansMaplesnow][One_Piece][391][848x480](1).avi
[2009.03.09 23:02:19 | 00,297,024 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\My Documents\[OPFansMaplesnow][One_Piece][391][848x480].avi
[2009.03.04 19:12:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009.02.28 18:26:00 | 01,282,560 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\stressre.exe
[2009.02.23 20:22:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kjetil Vaage\Local Settings\Application Data\THQ
[2009.02.23 20:09:06 | 00,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009.02.23 20:08:53 | 00,000,000 | ---D | C] -- C:\Program Files\Steam
[2009.02.23 18:00:32 | 00,000,000 | ---D | C] -- C:\Spill
[2009.02.23 17:26:55 | 00,000,000 | ---D | C] -- C:\Program Files\Saints Row 2
[2009.02.21 21:42:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kjetil Vaage\My Documents\Rockstar Games
[2009.02.21 21:37:48 | 31,879,336 | ---- | C] (Microsoft® Corporation) -- C:\Documents and Settings\Kjetil Vaage\Desktop\gfwlivesetupmin.exe
[2009.02.21 21:36:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kjetil Vaage\Local Settings\Application Data\Rockstar Games
[2009.02.21 21:33:23 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009.02.21 21:32:55 | 00,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Rockstar Games Social Club.lnk
[2009.02.21 21:27:55 | 00,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009.02.21 20:55:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009.02.21 20:52:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009.02.21 20:39:12 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009.02.21 20:39:11 | 01,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009.02.21 20:39:08 | 00,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009.02.21 20:39:08 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009.02.21 20:39:08 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009.02.21 20:39:08 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009.02.21 20:39:08 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009.02.21 20:39:08 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009.02.21 20:39:08 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009.02.21 20:39:08 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009.02.21 20:39:08 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009.02.21 20:39:08 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009.02.21 20:39:08 | 00,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009.02.21 20:39:08 | 00,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2009.02.21 20:39:08 | 00,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009.02.21 20:39:08 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009.02.21 20:39:08 | 00,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009.02.21 20:39:08 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009.02.21 20:39:08 | 00,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009.02.21 20:39:08 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009.02.21 20:39:07 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009.02.21 20:39:07 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009.02.21 20:39:07 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009.02.21 20:39:07 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2009.02.21 20:39:07 | 00,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009.02.21 20:39:07 | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2009.02.21 20:39:07 | 00,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009.02.21 20:39:07 | 00,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2009.02.21 20:39:07 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009.02.21 20:39:07 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009.02.21 20:39:07 | 00,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009.02.21 20:39:07 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009.02.21 20:39:07 | 00,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009.02.21 20:39:07 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009.02.21 20:39:07 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009.02.21 20:39:07 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009.02.21 20:39:07 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009.02.21 20:39:07 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009.02.21 20:39:07 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009.02.21 20:39:07 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009.02.21 20:39:07 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009.02.21 20:39:07 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009.02.21 20:39:07 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009.02.21 20:39:07 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009.02.21 20:39:07 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009.02.21 20:39:07 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009.02.21 20:39:07 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009.02.21 20:39:07 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009.02.21 20:39:07 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009.02.21 20:39:07 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009.02.21 20:39:07 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2009.02.21 20:39:07 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2009.02.21 20:39:07 | 00,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2009.02.21 20:39:07 | 00,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2009.02.21 20:39:07 | 00,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2009.02.21 20:39:07 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009.02.21 20:39:07 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009.02.21 20:39:07 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009.02.21 20:39:07 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009.02.21 20:39:07 | 00,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2009.02.21 20:39:07 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009.02.21 20:39:07 | 00,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2009.02.21 20:39:07 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2009.02.21 20:39:07 | 00,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2009.02.21 20:39:07 | 00,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009.02.21 20:39:07 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2009.02.21 20:39:07 | 00,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2009.02.21 20:39:07 | 00,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2009.02.21 20:39:07 | 00,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2009.02.21 20:39:07 | 00,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2009.02.21 20:39:07 | 00,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2009.02.21 20:39:07 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009.02.21 20:39:06 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009.02.21 20:39:06 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009.02.21 20:39:06 | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2009.02.21 20:39:06 | 00,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2009.02.21 20:39:06 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009.02.21 20:39:06 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009.02.21 20:39:06 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009.02.21 20:39:06 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009.02.21 20:39:06 | 00,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009.02.21 20:39:06 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2009.02.21 20:39:06 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009.02.21 20:39:06 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009.02.21 20:39:06 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009.02.21 20:39:06 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009.02.21 20:39:06 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009.02.21 20:39:03 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2009.02.21 20:38:55 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2009.02.21 20:38:55 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2009.02.21 20:38:55 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2009.02.21 20:38:55 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009.02.21 20:38:52 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009.02.21 20:38:51 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009.02.21 20:38:51 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009.02.21 20:38:51 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009.02.21 20:38:51 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009.02.21 20:38:50 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009.02.21 20:38:50 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009.02.21 20:38:50 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009.02.21 20:38:50 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009.02.21 20:38:50 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009.02.21 20:38:50 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009.02.21 20:38:50 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009.02.21 20:38:50 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009.02.21 20:38:50 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009.02.21 20:38:50 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009.02.21 20:38:50 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009.02.21 20:38:50 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009.02.21 20:38:50 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009.02.21 20:38:50 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009.02.21 20:38:50 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009.02.21 20:38:50 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009.02.21 20:38:50 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009.02.21 20:38:49 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2009.02.21 20:38:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009.02.21 20:38:48 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009.02.21 20:38:48 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009.02.21 20:38:48 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009.02.21 20:38:48 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009.02.21 20:38:48 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009.02.21 20:38:48 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009.02.21 20:38:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009.02.21 20:38:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009.02.21 20:38:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009.02.21 20:38:47 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009.02.21 20:38:47 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009.02.21 20:38:47 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009.02.21 20:38:47 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009.02.21 20:38:47 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009.02.21 20:38:47 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009.02.21 20:38:46 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009.02.21 20:38:46 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009.02.21 20:38:46 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009.02.21 20:38:46 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009.02.21 20:38:46 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009.02.21 20:38:46 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009.02.21 20:38:46 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009.02.21 20:38:46 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009.02.21 20:38:46 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009.02.21 20:38:46 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009.02.21 20:38:46 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009.02.21 20:38:45 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009.02.21 20:38:44 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009.02.21 20:38:43 | 00,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2009.02.21 20:38:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009.02.21 20:38:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009.02.21 20:38:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009.02.21 20:38:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009.02.21 20:36:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009.02.21 20:36:29 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2009.02.21 20:34:54 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agpcpq.sys
[2009.02.21 20:34:54 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\alim1541.sys
[2009.02.21 20:34:54 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agp440.sys
[2009.02.21 20:34:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009.02.21 20:34:53 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009.02.21 20:34:53 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009.02.21 20:34:53 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009.02.21 20:34:53 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009.02.21 20:34:53 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009.02.21 20:34:53 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2009.02.21 20:34:52 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009.02.21 20:34:52 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009.02.21 20:34:52 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009.02.21 20:34:52 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009.02.21 20:34:51 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009.02.21 20:34:51 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\viaagp.sys
[2009.02.21 20:34:51 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009.02.21 20:34:51 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009.02.21 20:34:51 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009.02.21 15:56:06 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009.02.21 14:44:21 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Kjetil Vaage\Application Data\SecuROM
[2009.02.21 12:54:13 | 01,197,294 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009.02.21 12:54:12 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2009.02.21 12:53:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\umdf
[2009.02.21 12:52:46 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2009.02.21 12:23:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009.02.21 12:23:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009.02.21 12:22:55 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009.02.21 12:22:24 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2009.02.21 12:21:22 | 00,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2009.02.18 20:37:19 | 00,043,229 | ---- | C] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\asx-tlotrq.exe
[2009.02.18 18:02:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kjetil Vaage\My Documents\Prince of Persia
[2009.02.18 15:44:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kjetil Vaage\My Documents\The Lord of the Rings - Conquest
[2009.02.18 15:43:28 | 00,001,951 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Lord of the Rings - Conquest™.lnk
[2009.02.18 13:50:42 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009.02.18 13:50:42 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009.02.18 13:50:41 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009.02.18 13:50:41 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009.02.18 13:50:41 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009.02.18 13:50:40 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009.02.15 19:14:33 | 00,000,000 | ---D | C] -- C:\Program Files\Pontifex II

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009.03.12 16:59:46 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\Rooter.exe
[2009.03.12 16:58:30 | 00,497,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kjetil Vaage\Desktop\OTListIt2.exe
[2009.03.12 16:09:32 | 00,503,200 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.03.12 16:09:32 | 00,428,160 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009.03.12 16:09:32 | 00,066,778 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009.03.12 16:04:50 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.03.12 16:04:40 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.03.12 16:03:28 | 04,841,044 | -H-- | M] () -- C:\Documents and Settings\Kjetil Vaage\Local Settings\Application Data\IconCache.db
[2009.03.12 14:47:25 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009.03.12 14:47:21 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009.03.12 14:40:01 | 31,262,848 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\setupeng.exe
[2009.03.12 14:30:58 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.03.12 14:29:53 | 02,876,720 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Kjetil Vaage\Desktop\mbam-setup.exe
[2009.03.12 14:25:21 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\NTREGOPT.lnk
[2009.03.12 14:25:21 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\ERUNT.lnk
[2009.03.12 14:24:49 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Kjetil Vaage\Desktop\erunt_setup.exe
[2009.03.12 14:12:33 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\HijackThis.lnk
[2009.03.12 14:12:17 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Kjetil Vaage\Desktop\HJTInstall.exe
[2009.03.12 13:49:04 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.03.12 13:44:27 | 00,137,728 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.11 16:33:08 | 00,000,587 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\My Documents\Mine delte mapper.lnk
[2009.03.11 15:36:47 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.03.10 16:40:53 | 00,000,764 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\My Documents\trening.rtf
[2009.03.10 13:10:58 | 00,002,136 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\My Documents\Rapport utplassering.rtf
[2009.03.09 23:54:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009.03.09 23:12:27 | 00,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009.03.09 23:12:17 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2009.03.09 23:12:17 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2009.03.09 23:12:17 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009.03.09 23:02:50 | 00,297,024 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\My Documents\[OPFansMaplesnow][One_Piece][391][848x480](1).avi
[2009.03.09 23:02:28 | 00,297,024 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\My Documents\[OPFansMaplesnow][One_Piece][391][848x480].avi
[2009.03.04 18:24:22 | 00,023,632 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009.02.28 18:26:12 | 01,282,560 | ---- | M] () -- C:\Documents and Settings\Kjetil Vaage\Desktop\stressre.exe
[2009.02.23 20:09:06 | 00,001,872 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009.02.21 21:39:40 | 31,879,336 | ---- | M] (Microsoft® Corporation) -- C:\Documents and Settings\Kjetil Vaage\Desktop\gfwlivesetupmin.exe
[2009.02.21 21:32:55 | 00,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Rockstar Games Social Club.lnk
[2009.02.21 21:27:55 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009.02.21 20:53:47 | 00,000,083 | -HS- | M] () -- C:\Documents and Settings\Kjetil Vaage\My Documents\desktop.ini
[2009.02.21 20:52:25 | 00,124,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.02.21 20:34:37 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009.02.21 15:07:55 | 00,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009.02.21 12:54:12 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2009.02.21 12:53:52 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009.02.18 15:43:28 | 00,001,951 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Lord of the Rings - Conquest™.lnk
[2009.02.11 10:19:42 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.02.11 10:19:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
< End of report >


OTListIt Extras logfile created on: 12.03.2009 17:15:44 - Run 1
OTListIt2 by OldTimer - Version 2.0.3.5 Folder = C:\Documents and Settings\Kjetil Vaage\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000414 | Country: Norway | Language: NOR | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 63,69 Gb Free Space | 42,73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KJETIL
Current User Name: Kjetil Vaage
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\BearShare\Bearshare.exe:*:Enabled:BearShare (Free Peers, Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club (Take-Two Interactive Software, Inc.)
C:\Spill\Saints Row 2\SR2_pc.exe:*:Enabled:SR2_pc File not found
C:\Program Files\Saints Row 2\SR2_pc.exe:*:Enabled:SR2_pc ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4218D9DC-282B-4596-BEA5-F20560C14400}" = Windows Live installer
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{51E43DA1-CAEA-4264-9BB8-3F47ED57E2A4}" = TI InterActive!™
"{628C3D50-F524-4C49-A958-672CE7953756}" = The Lord of the Rings - Conquest™
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{886F91D5-4B45-45DC-938E-6B0276C6B015}" = Solid Edge V20
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1033}" = Nero 8
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Påloggingsassistent for Windows Live
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{D70A63D1-2F54-4713-8AE6-BBD28D1A62E6}" = Windows Live Messenger
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"09DE32C4F7BD75AFC4FD14FE55D82891A5C397E0" = Windows Driver Package - Intel net (04/30/2007 11.1.1.11)
"6455D19F3BFC2585EA48D0648505F8DA7DAC3629" = Windows Driver Package - Intel (NETw4x32) net (04/30/2007 11.1.1.11)
"737C4F107F61FFE46CE45CCA503223FBA5BD00FC" = Windows Driver Package - Intel net (04/30/2007 11.1.1.11)
"A52334752DB8BF051DEADD0BADDDA32C2255FDC0" = Windows Driver Package - Intel (w29n51) net (04/04/2007 9.0.4.36)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast!" = avast! Antivirus
"BearShare_is1" = BearShare Pro 5.2.6.0
"E54DA55EE47A80110F490DB66639833EB0CC8059" = Windows Driver Package - Intel net (05/28/2007 11.1.1.13)
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"Magic Video Converter_is1" = Magic Video Converter Trial Version (English) 8.0.2.18
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Mozilla Firefox (3.0.7)" = Mozilla Firefox (3.0.7)
"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)
"NVIDIA Drivers" = NVIDIA Drivers
"Pontifex II" = Pontifex II
"RealPlayer 6.0" = RealPlayer
"SMSERIAL" = Motorola SM56 Data Fax Modem
"VLC media player" = VLC media player 0.9.6
"Wanko to Kurasou English_is1" = Wanko to Kurasou English v1.0
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11.03.2009 10:49:21 | Computer Name = KJETIL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module libavcodec.dll, version 0.0.0.0, fault address 0x00008235.

Error - 11.03.2009 10:51:15 | Computer Name = KJETIL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module libavcodec.dll, version 0.0.0.0, fault address 0x00008235.

Error - 11.03.2009 11:35:47 | Computer Name = KJETIL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module libavcodec.dll, version 0.0.0.0, fault address 0x00008235.

Error - 11.03.2009 11:35:51 | Computer Name = KJETIL | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 12.03.2009 08:44:00 | Computer Name = KJETIL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module libavcodec.dll, version 0.0.0.0, fault address 0x00008235.

Error - 12.03.2009 08:44:33 | Computer Name = KJETIL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module libavcodec.dll, version 0.0.0.0, fault address 0x00008235.

Error - 12.03.2009 08:46:17 | Computer Name = KJETIL | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module libavcodec.dll, version 0.0.0.0, fault address 0x00008235.

Error - 12.03.2009 08:49:07 | Computer Name = KJETIL | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 12.03.2009 09:22:22 | Computer Name = KJETIL | Source = Application Hang | ID = 1002
Description = Hanging application ATF_Cleaner.exe, version 3.0.0.2, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12.03.2009 09:45:50 | Computer Name = KJETIL | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: The data is invalid.

[ System Events ]
Error - 12.03.2009 10:47:15 | Computer Name = KJETIL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12.03.2009 10:47:15 | Computer Name = KJETIL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12.03.2009 10:47:15 | Computer Name = KJETIL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12.03.2009 10:47:15 | Computer Name = KJETIL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12.03.2009 10:47:15 | Computer Name = KJETIL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12.03.2009 10:47:15 | Computer Name = KJETIL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12.03.2009 10:47:15 | Computer Name = KJETIL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12.03.2009 10:47:15 | Computer Name = KJETIL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12.03.2009 10:47:15 | Computer Name = KJETIL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12.03.2009 10:47:15 | Computer Name = KJETIL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.


< End of report >








Microsoft Windows XP Professional (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:152617 Mo/Free:3773 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

12.03.2009|17:19

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\RTHDCPL.EXE
---------- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
---------- C:\Program Files\DAEMON Tools\daemon.exe
---------- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
---------- C:\Program Files\Steam\Steam.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\WINDOWS\System32\alg.exe
---------- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Documents and Settings\Kjetil Vaage\Desktop\Rooter.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

C:\DOCUME~1\KJETIL~1\Application Data\uTorrent\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual.rar.torrent
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\C&C Red Alert 3 KeyGen - RELOADED.rar
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\C&C Red Alert 3 KeyGen.exe
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual.rar
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\1_File Number 1.exe
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\2_keygen.exe
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\3_File Number 3.exe
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\Manual.rar
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\packer.exe
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\What to do.txt
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\files\eadmappack\readme.txt
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\files\echmech\ReadMe.txt
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\files\malaria_map_pack\readme.txt
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\files\packer\map pack readme.txt
C:\DOCUME~1\KJETIL~1\My Documents\Downloads\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\files\packer\packer.exe


1 - "C:\Rooter$\Rooter_1.txt" - 12.03.2009|17:20

----------------------\\ Scan completed at 17:20






Any help would be appreciated.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP