Hello Jintan,
thank you for your welcome and fast reply!
I performed the actions you asked for, the only thing I couldn't do was upload the file C:\Users\Wouter Schrier\AppData\Roaming\install\server.exe, since for some reason I was not able to find it!
Here are my logs:
OTL.txtOTL logfile created on: 15-11-2010 10:22:23 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Wouter Schrier\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 71,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): s:\pagefile.sys 2048 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 165,66 Gb Total Space | 72,53 Gb Free Space | 43,78% Space Free | Partition Type: NTFS
Drive D: | 61,21 Gb Total Space | 37,40 Gb Free Space | 61,09% Space Free | Partition Type: NTFS
Drive E: | 300,10 Gb Total Space | 86,07 Gb Free Space | 28,68% Space Free | Partition Type: NTFS
Drive F: | 100,00 Gb Total Space | 40,13 Gb Free Space | 40,13% Space Free | Partition Type: NTFS
Drive G: | 300,54 Gb Total Space | 97,12 Gb Free Space | 32,32% Space Free | Partition Type: NTFS
Drive S: | 4,00 Gb Total Space | 1,95 Gb Free Space | 48,82% Space Free | Partition Type: NTFS
Computer Name: WOUTERSCHRIER | User Name: Wouter Schrier | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2010-11-15 10:21:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Wouter Schrier\Downloads\OTL.exe
PRC - [2010-11-01 22:36:03 | 000,974,904 | ---- | M] (Google Inc.) -- C:\Users\Wouter Schrier\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010-03-23 15:15:58 | 000,704,760 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
PRC - [2010-02-26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Users\Wouter Schrier\AppData\Roaming\Dropbox\bin\Dropbox.exe
========== Modules (SafeList) ========== MOD - [2010-11-15 10:21:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Wouter Schrier\Downloads\OTL.exe
MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2010-08-04 00:51:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2010-05-06 10:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:
64bit: - [2010-03-25 22:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:
64bit: - [2009-12-15 21:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV:
64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010-09-08 22:12:34 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-03-23 15:15:58 | 000,704,760 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2010-09-08 15:59:27 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:
64bit: - [2010-09-08 15:46:11 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:
64bit: - [2010-08-04 01:22:38 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2010-08-04 00:15:46 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2010-03-18 10:00:40 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:
64bit: - [2010-03-18 10:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:
64bit: - [2010-03-18 10:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:
64bit: - [2009-10-13 01:15:52 | 000,061,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l160x64.sys -- (AtcL001)
DRV:
64bit: - [2009-09-16 06:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:
64bit: - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:
64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2005-03-29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1307191677-1467720726-2620043386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://nl.msn.com/?ocid=iehpIE - HKU\S-1-5-21-1307191677-1467720726-2620043386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKU\S-1-5-21-1307191677-1467720726-2620043386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 B1 9B 02 2F 80 CB 01 [binary data]
IE - HKU\S-1-5-21-1307191677-1467720726-2620043386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2010-09-08 22:10:11 | 000,000,859 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1307191677-1467720726-2620043386-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:
64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:
64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1307191677-1467720726-2620043386-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Wouter Schrier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Wouter Schrier\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:
64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:
64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:
64bit: - AppInit_DLLs: (acaptuser64.dll) - C:\Windows\SysNative\acaptuser64.dll (Adobe Systems, Inc.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\SysWow64\acaptuser32.dll (Adobe Systems Incorporated)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:
64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2010-11-15 10:06:29 | 000,000,000 | ---D | C] -- C:\Users\Wouter Schrier\AppData\Roaming\Malwarebytes
[2010-11-15 10:06:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-11-15 10:06:19 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-11-15 10:06:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-11-15 10:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-11-04 16:47:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image Resizer
[2010-10-31 21:17:16 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2010-10-31 21:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo II
[2010-10-27 15:58:17 | 000,000,000 | ---D | C] -- C:\Users\Wouter Schrier\AppData\Roaming\Hothead Games
[2010-10-27 15:58:17 | 000,000,000 | ---D | C] -- C:\Users\Wouter Schrier\AppData\Roaming\Hive Cluster
[2010-10-27 15:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deathspank
[2010-10-27 15:52:22 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010-10-27 15:52:22 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010-10-27 15:52:22 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010-10-27 15:52:22 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010-10-27 15:52:22 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010-10-27 15:52:22 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010-10-27 15:52:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010-10-27 15:27:05 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010-10-17 16:12:46 | 000,000,000 | ---D | C] -- C:\Documents
[2010-10-16 22:10:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2010-10-16 22:10:46 | 000,000,000 | ---D | C] -- D:\Documents\EA Games
[2010-10-16 21:50:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Medal of Honor
[2010-10-16 16:56:31 | 000,000,000 | ---D | C] -- D:\Documents\SafeNet Sentinel
[2010-10-16 16:56:31 | 000,000,000 | ---D | C] -- C:\Users\Wouter Schrier\.spss
[2010-10-16 16:55:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2010-10-16 16:54:58 | 000,000,000 | ---D | C] -- C:\ProgramData\SPSS
[2010-10-16 16:54:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SPSS
[2010-10-16 16:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SPSSInc
[2010-10-16 16:51:12 | 000,000,000 | ---D | C] -- D:\Documents\Kring Amsterdam
[2010-09-08 15:59:27 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Wouter Schrier\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010-11-15 10:20:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-11-15 10:20:04 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys
[2010-11-15 10:19:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2010-11-15 10:18:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1307191677-1467720726-2620043386-1000UA.job
[2010-11-15 10:06:23 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-11-15 09:58:09 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-11-15 09:58:09 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-11-15 09:56:30 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-11-15 09:56:30 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-11-15 09:56:30 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-11-15 09:54:51 | 003,970,918 | -H-- | M] () -- C:\Users\Wouter Schrier\AppData\Roaming\Wouter Schrierlog.dat
[2010-11-14 23:57:07 | 000,003,489 | ---- | M] () -- C:\Users\Wouter Schrier\Desktop\attach.zip
[2010-11-14 23:51:07 | 000,630,272 | ---- | M] () -- C:\Users\Wouter Schrier\Desktop\dds.scr
[2010-11-14 22:32:24 | 000,000,854 | ---- | M] () -- C:\Users\Wouter Schrier\Desktop\ThinkPoint.lnk
[2010-11-14 22:27:53 | 000,000,194 | ---- | M] () -- C:\Users\Wouter Schrier\AppData\Roaming\sdghzxfg.bat
[2010-11-13 23:18:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1307191677-1467720726-2620043386-1000Core.job
[2010-11-07 17:32:18 | 000,002,408 | ---- | M] () -- C:\Users\Wouter Schrier\Desktop\Google Chrome.lnk
[2010-11-04 09:13:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-10-31 22:12:06 | 000,001,470 | ---- | M] () -- C:\Users\Wouter Schrier\Desktop\Diablo II.exe - Shortcut.lnk
[2010-10-31 22:00:28 | 000,039,913 | ---- | M] () -- C:\Windows\DIIUnin.dat
[2010-10-31 21:59:10 | 000,021,840 | ---- | M] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010-10-31 21:59:10 | 000,017,212 | ---- | M] () -- C:\Windows\SysWow64\SIntf32.dll
[2010-10-31 21:59:10 | 000,012,067 | ---- | M] () -- C:\Windows\SysWow64\SIntf16.dll
[2010-10-31 21:23:23 | 000,001,911 | ---- | M] () -- C:\Users\Wouter Schrier\Desktop\Diablo II - Lord of Destruction.lnk
[2010-10-31 21:17:17 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif
[2010-10-31 21:17:17 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\Diablo II.lnk
[2010-10-31 21:17:16 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2010-10-27 15:57:56 | 000,001,041 | ---- | M] () -- C:\Users\Wouter Schrier\Desktop\DeathSpank.lnk
[2010-10-17 23:41:43 | 000,001,626 | ---- | M] () -- C:\Users\Wouter Schrier\Desktop\Medal of Honor.lnk
[2010-10-17 11:58:45 | 004,910,048 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2010-11-15 10:06:23 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-11-14 23:57:07 | 000,003,489 | ---- | C] () -- C:\Users\Wouter Schrier\Desktop\attach.zip
[2010-11-14 23:51:03 | 000,630,272 | ---- | C] () -- C:\Users\Wouter Schrier\Desktop\dds.scr
[2010-11-14 22:29:33 | 000,000,854 | ---- | C] () -- C:\Users\Wouter Schrier\Desktop\ThinkPoint.lnk
[2010-11-14 22:27:53 | 000,000,194 | ---- | C] () -- C:\Users\Wouter Schrier\AppData\Roaming\sdghzxfg.bat
[2010-11-04 09:13:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-10-31 22:12:00 | 000,001,470 | ---- | C] () -- C:\Users\Wouter Schrier\Desktop\Diablo II.exe - Shortcut.lnk
[2010-10-31 21:55:36 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010-10-31 21:55:36 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010-10-31 21:55:36 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010-10-31 21:23:23 | 000,001,911 | ---- | C] () -- C:\Users\Wouter Schrier\Desktop\Diablo II - Lord of Destruction.lnk
[2010-10-31 21:17:18 | 000,039,913 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2010-10-31 21:17:17 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif
[2010-10-31 21:17:17 | 000,001,911 | ---- | C] () -- C:\Users\Public\Desktop\Diablo II.lnk
[2010-10-27 15:52:07 | 000,001,041 | ---- | C] () -- C:\Users\Wouter Schrier\Desktop\DeathSpank.lnk
[2010-10-17 23:41:43 | 000,001,626 | ---- | C] () -- C:\Users\Wouter Schrier\Desktop\Medal of Honor.lnk
[2010-09-24 09:27:05 | 000,065,028 | ---- | C] () -- C:\Users\Wouter Schrier\AppData\Roaming\Wouter Schrier3SQLite3.dll
[2010-09-08 16:04:29 | 000,001,044 | ---- | C] () -- C:\Users\Wouter Schrier\AppData\Roaming\vso_ts_preview.xml
[2010-09-08 16:01:52 | 000,000,034 | ---- | C] () -- C:\Users\Wouter Schrier\AppData\Roaming\pcouffin.log
[2010-09-08 15:59:27 | 000,099,384 | ---- | C] () -- C:\Users\Wouter Schrier\AppData\Roaming\inst.exe
[2010-09-08 15:59:27 | 000,007,859 | ---- | C] () -- C:\Users\Wouter Schrier\AppData\Roaming\pcouffin.cat
[2010-09-08 15:59:27 | 000,001,167 | ---- | C] () -- C:\Users\Wouter Schrier\AppData\Roaming\pcouffin.inf
[2010-09-08 15:35:25 | 000,003,584 | ---- | C] () -- C:\Users\Wouter Schrier\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2005-04-08 03:16:43 | 003,970,918 | -H-- | C] () -- C:\Users\Wouter Schrier\AppData\Roaming\Wouter Schrierlog.dat
< End of report >
