OTL logfile created on: 16-11-2010 15:06:25 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
 
1.024,00 Mb Total Physical Memory | 498,00 Mb Available Physical Memory | 49,00% Memory free
8,00 Gb Paging File | 8,00 Gb Available in Paging File | 96,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 16,83 Gb Total Space | 13,21 Gb Free Space | 78,50% Space Free | Partition Type: NTFS
Drive D: | 76,33 Gb Total Space | 23,11 Gb Free Space | 30,28% Space Free | Partition Type: NTFS
Drive E: | 97,65 Gb Total Space | 31,09 Gb Free Space | 31,84% Space Free | Partition Type: NTFS
Drive H: | 0,90 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: COMPUTER | User Name: Marjolein | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010-11-16 13:46:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\OTL.exe
PRC - [2010-11-16 13:45:48 | 000,258,560 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\OTH.scr
PRC - [2010-08-02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- E:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-08-02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- E:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-08-02 16:09:56 | 000,267,944 | ---- | M] (Avira GmbH) -- E:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-01-14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- E:\Program Files\Avira\AntiVir Desktop\avshadow.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010-11-16 13:46:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\OTL.exe
MOD - [2010-08-23 17:13:25 | 001,054,208 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] -- E:\WINDOWS\System32\sshnas21.dll -- (SSHNAS)
SRV - File not found [On_Demand | Stopped] -- E:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe -- (ExpressAccountsService)
SRV - File not found [On_Demand | Stopped] -- E:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- E:\Program Files\Common Files\tya62hfb\zmaodn92.exe -- (7abs3rho7)
SRV - [2010-11-11 18:55:20 | 001,375,992 | ---- | M] (Lavasoft) [Auto | Start_Pending] -- E:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010-10-05 03:27:16 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- E:\Program Files\McAfee Security Scan\3.0.188\McCHSvc.exe -- (McComponentHostService)
SRV - [2010-08-02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- E:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-08-02 16:09:56 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- E:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-04-16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-01-20 14:24:22 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-09-02 11:32:02 | 000,280,833 | R--- | M] () [Auto | Stopped] -- E:\Documents and Settings\All Users.WINDOWS\Application Data\Norton\Norton2009Reset.exe -- (.norton2009Reset)
SRV - [2006-12-14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006-12-14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006-12-14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- E:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006-11-10 16:12:30 | 000,099,936 | ---- | M] () [Auto | Stopped] -- E:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2005-11-14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003-08-14 12:19:00 | 000,135,168 | ---- | M] (WIDCOMM, Inc.) [Auto | Stopped] -- E:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2000-06-29 09:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Auto | Stopped] -- E:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2010-11-11 18:55:28 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Running] -- E:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010-09-23 08:46:08 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- E:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010-08-02 16:10:10 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010-08-02 16:10:10 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- E:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-06-17 15:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 15:27:14 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- E:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-03-19 15:24:12 | 000,018,560 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\vtcdrv.sys -- (vtcdrv)
DRV - [2009-03-18 11:34:44 | 001,512,960 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2009-02-25 23:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008-08-14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- E:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007-11-21 20:44:32 | 000,037,888 | ---- | M] (Dogbert) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\cmipci.sys -- (cmipci)
DRV - [2007-11-21 00:09:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006-06-16 10:04:38 | 000,035,712 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- E:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2006-02-14 15:02:56 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2005-03-01 07:01:40 | 000,392,704 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003-08-14 11:37:00 | 000,022,183 | ---- | M] () [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2003-08-14 11:36:00 | 000,222,876 | ---- | M] (WIDCOMM, Inc.) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2003-08-14 11:33:00 | 001,257,418 | ---- | M] (WIDCOMM, Inc.) [Kernel | Boot | Running] -- E:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2003-08-14 11:25:00 | 000,030,235 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2003-08-14 11:24:00 | 000,146,812 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2003-08-14 11:23:00 | 000,021,861 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\btaudio.sys -- (BtAudio)
DRV - [2003-08-14 11:22:00 | 000,051,848 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2000-02-03 20:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- E:\WINDOWS\system32\ckldrv.sys -- (NetworkX)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.google.nl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2010-09-21 18:25:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2010-06-26 10:30:49 | 000,000,000 | ---D | M]
 
[2010-02-24 10:55:08 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\Mozilla\Extensions
[2010-11-08 10:08:29 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\Mozilla\Firefox\Profiles\5f2h9hnq.default\extensions
[2010-04-28 09:39:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\Mozilla\Firefox\Profiles\5f2h9hnq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-04-14 22:47:12 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\Mozilla\Firefox\Profiles\5f2h9hnq.default\extensions\personas@christopher.beard
[2010-11-08 10:08:28 | 000,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions
[2010-05-13 14:55:36 | 000,000,000 | ---D | M] (Java Console) -- E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-09-21 18:11:12 | 000,000,000 | ---D | M] (Java Console) -- E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-02-24 10:57:39 | 000,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions\personas@christopher.beard
[2010-07-17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2004-08-04 12:00:00 | 000,000,776 | ---- | M]) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (WakoopaBHOClass Class) - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - E:\Documents and Settings\Marjolein.COMPUTER\Local Settings\Application Data\Wakoopa Shared\WakoopaBHO.dll (Wakoopa)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] E:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] E:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKCU..\Run: [TNS NIPO Clicks] E:\Documents and Settings\Marjolein.COMPUTER\Local Settings\Application Data\TNS NIPO Clicks\TNS NIPO Clicks.exe (QD Tracking)
O4 - Startup: E:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: E:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\BTTray.lnk = E:\Program Files\Sitecom\Bluetooth Software\BTTray.exe (WIDCOMM, Inc.)
O4 - Startup: E:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\McAfee Security Scan Plus.lnk = E:\Program Files\McAfee Security Scan\3.0.188\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: E:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\Password .lnk = E:\WINDOWS\Temp\Password .exe (Freecom)
O4 - Startup: E:\Documents and Settings\Marjolein.COMPUTER\Menu Start\Programma's\Opstarten\Adobe Gamma.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verzenden naar &Bluetooth - E:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Sitecom\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Sitecom\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} http://www.cyclomedia.nl/download/components/CycloScopeLite.cab (CycloScopeLite Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - E:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\Antiwpa: DllName - antiwpa.dll -  File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - E:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O24 - Desktop WallPaper: E:\Documents and Settings\Marjolein.COMPUTER\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: E:\Documents and Settings\Marjolein.COMPUTER\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-08-22 12:45:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008-06-02 10:05:03 | 000,000,049 | RH-- | M] () - H:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) - E:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010-11-16 13:46:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\OTL.exe
[2010-11-16 13:45:46 | 000,258,560 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\OTH.scr
[2010-11-12 17:37:30 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\Gandhi - DVDrip DivX [NL Dutch Subs]
[2010-11-11 18:55:38 | 000,064,288 | ---- | C] (Lavasoft AB) -- E:\WINDOWS\System32\drivers\Lbd.sys
[2010-11-11 18:55:31 | 000,098,392 | ---- | C] (Sunbelt Software) -- E:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-11-11 18:51:42 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Marjolein.COMPUTER\Local Settings\Application Data\Sunbelt Software
[2010-11-11 18:42:51 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
[2010-11-11 18:33:05 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee Security Scan
[2010-11-11 18:32:54 | 000,000,000 | ---D | C] -- E:\Program Files\McAfee Security Scan
[2010-11-11 18:32:47 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
[2010-11-10 20:13:18 | 000,000,000 | -H-D | C] -- E:\Documents and Settings\All Users.WINDOWS\Application Data\{E961CE1B-C3EA-4882-9F67-F859B555D097}
[2010-11-10 20:09:48 | 000,000,000 | ---D | C] -- E:\Program Files\Lavasoft
[2010-11-10 10:51:15 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\Reallusion
[2010-11-10 10:48:47 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users.WINDOWS\Documenten\Reallusion
[2010-11-07 14:13:41 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\Avira
[2010-11-07 13:56:46 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\NtmsData
[2010-11-07 12:59:15 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\Selectie van India Marjolein
[2010-04-15 16:28:07 | 000,047,360 | ---- | C] (VSO Software) -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\pcouffin.sys
[2010-02-01 13:33:02 | 013,711,432 | ---- | C] (Macrovision Corporation) -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\sa1ops08k_02_pal_eng.exe
[3 E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\*.tmp files -> E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010-11-16 15:07:20 | 000,000,472 | ---- | M] () -- E:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-11-16 15:07:00 | 000,000,304 | -H-- | M] () -- E:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010-11-16 15:03:24 | 000,000,254 | -H-- | M] () -- E:\WINDOWS\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010-11-16 15:03:23 | 000,000,304 | -H-- | M] () -- E:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010-11-16 15:01:39 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2010-11-16 15:01:36 | 1073,319,936 | -HS- | M] () -- E:\hiberfil.sys
[2010-11-16 13:46:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\OTL.exe
[2010-11-16 13:45:48 | 000,258,560 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\OTH.scr
[2010-11-15 17:39:36 | 000,002,278 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2010-11-12 18:29:49 | 000,000,182 | ---- | M] () -- E:\WINDOWS\NeroDigital.ini
[2010-11-12 18:27:10 | 000,248,320 | ---- | M] () -- E:\Documents and Settings\Marjolein.COMPUTER\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-12 17:37:07 | 000,000,603 | ---- | M] () -- E:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\Password .lnk
[2010-11-11 18:55:30 | 000,098,392 | ---- | M] (Sunbelt Software) -- E:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-11-11 18:43:48 | 000,000,895 | ---- | M] () -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010-11-11 18:43:47 | 000,000,877 | ---- | M] () -- E:\Documents and Settings\All Users.WINDOWS\Bureaublad\Ad-Aware.lnk
[2010-11-11 18:33:05 | 000,001,813 | ---- | M] () -- E:\Documents and Settings\All Users.WINDOWS\Bureaublad\McAfee Security Scan Plus.lnk
[2010-11-11 18:33:05 | 000,001,809 | ---- | M] () -- E:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\McAfee Security Scan Plus.lnk
[2010-11-10 20:21:54 | 000,000,036 | ---- | M] () -- E:\Documents and Settings\Marjolein.COMPUTER\Local Settings\Application Data\housecall.guid.cache
[2010-11-10 10:47:29 | 000,000,935 | ---- | M] () -- E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\Revo Uninstaller.lnk
[2010-11-07 09:46:37 | 003,090,744 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2010-11-07 01:17:38 | 000,001,374 | ---- | M] () -- E:\WINDOWS\imsins.BAK
[2010-11-06 13:27:35 | 000,508,570 | ---- | M] () -- E:\WINDOWS\System32\perfh013.dat
[2010-11-06 13:27:35 | 000,440,684 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2010-11-06 13:27:35 | 000,090,642 | ---- | M] () -- E:\WINDOWS\System32\perfc013.dat
[2010-11-06 13:27:35 | 000,071,002 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[3 E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\*.tmp files -> E:\Documents and Settings\Marjolein.COMPUTER\Bureaublad\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010-11-12 17:37:07 | 000,000,603 | ---- | C] () -- E:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\Password .lnk
[2010-11-11 20:26:48 | 000,015,880 | ---- | C] () -- E:\WINDOWS\System32\lsdelete.exe
[2010-11-11 18:59:31 | 000,000,472 | ---- | C] () -- E:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-11-11 18:43:48 | 000,000,895 | ---- | C] () -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010-11-11 18:43:47 | 000,000,877 | ---- | C] () -- E:\Documents and Settings\All Users.WINDOWS\Bureaublad\Ad-Aware.lnk
[2010-11-11 18:33:05 | 000,001,813 | ---- | C] () -- E:\Documents and Settings\All Users.WINDOWS\Bureaublad\McAfee Security Scan Plus.lnk
[2010-11-11 18:32:58 | 000,001,809 | ---- | C] () -- E:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\McAfee Security Scan Plus.lnk
[2010-11-10 20:21:54 | 000,000,036 | ---- | C] () -- E:\Documents and Settings\Marjolein.COMPUTER\Local Settings\Application Data\housecall.guid.cache
[2010-11-10 10:43:27 | 000,000,304 | -H-- | C] () -- E:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010-11-10 10:43:24 | 000,000,304 | -H-- | C] () -- E:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010-11-10 10:43:21 | 000,000,254 | -H-- | C] () -- E:\WINDOWS\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010-10-06 16:53:52 | 000,195,312 | ---- | C] () -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\mdbu.bin
[2010-09-28 18:28:39 | 000,044,544 | ---- | C] () -- E:\WINDOWS\System32\Gif89.dll
[2010-04-15 16:28:47 | 000,001,057 | ---- | C] () -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\vso_ts_preview.xml
[2010-04-15 16:28:17 | 000,000,034 | ---- | C] () -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\pcouffin.log
[2010-04-15 16:28:07 | 000,087,608 | ---- | C] () -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\inst.exe
[2010-04-15 16:28:07 | 000,007,887 | ---- | C] () -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\pcouffin.cat
[2010-04-15 16:28:07 | 000,001,144 | ---- | C] () -- E:\Documents and Settings\Marjolein.COMPUTER\Application Data\pcouffin.inf
[2010-03-16 18:57:53 | 000,000,033 | ---- | C] () -- E:\Documents and Settings\All Users.WINDOWS\Application Data\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2010-03-16 18:05:49 | 000,001,036 | ---- | C] () -- E:\Documents and Settings\All Users.WINDOWS\Application Data\ss.ini
[2010-02-16 17:02:41 | 000,000,141 | ---- | C] () -- E:\Documents and Settings\Marjolein.COMPUTER\Local Settings\Application Data\fusioncache.dat
[2010-01-28 14:22:09 | 000,000,067 | ---- | C] () -- E:\WINDOWS\Easy Video to DVD.INI
[2010-01-11 12:14:20 | 000,178,176 | ---- | C] () -- E:\WINDOWS\System32\unrar.dll
[2010-01-11 12:14:20 | 000,000,038 | ---- | C] () -- E:\WINDOWS\avisplitter.ini
[2009-12-07 16:20:14 | 000,001,024 | ---- | C] () -- E:\WINDOWS\System32\grcauth2.dll
[2009-12-07 16:20:14 | 000,001,024 | ---- | C] () -- E:\WINDOWS\System32\grcauth1.dll
[2009-12-07 16:20:14 | 000,000,100 | ---- | C] () -- E:\WINDOWS\System32\prsgrc.dll
[2009-06-09 13:24:52 | 000,000,028 | ---- | C] () -- E:\WINDOWS\Crypkey.ini
[2009-06-09 13:24:48 | 000,024,608 | ---- | C] () -- E:\WINDOWS\System32\Ckldrv.sys
[2009-06-09 13:24:48 | 000,018,432 | ---- | C] () -- E:\WINDOWS\Setup_ck.dll
[2009-06-02 10:29:28 | 000,034,308 | ---- | C] () -- E:\WINDOWS\System32\BASSMOD.dll
[2009-01-20 21:49:35 | 000,000,182 | ---- | C] () -- E:\WINDOWS\NeroDigital.ini
[2009-01-07 11:57:47 | 000,532,480 | ---- | C] () -- E:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2009-01-04 22:11:13 | 000,001,024 | ---- | C] () -- E:\WINDOWS\System32\clauth2.dll
[2009-01-04 22:11:13 | 000,001,024 | ---- | C] () -- E:\WINDOWS\System32\clauth1.dll
[2009-01-04 22:11:13 | 000,000,000 | ---- | C] () -- E:\WINDOWS\System32\ssprs.dll
[2009-01-04 22:11:13 | 000,000,000 | ---- | C] () -- E:\WINDOWS\System32\nsprs.dll
[2009-01-04 22:09:37 | 000,001,025 | ---- | C] () -- E:\WINDOWS\System32\sysprs7.dll
[2009-01-04 22:09:37 | 000,000,205 | ---- | C] () -- E:\WINDOWS\System32\lsprst7.dll
[2009-01-04 21:10:19 | 000,248,320 | ---- | C] () -- E:\Documents and Settings\Marjolein.COMPUTER\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-01-04 20:19:46 | 000,000,395 | ---- | C] () -- E:\WINDOWS\ODBC.INI
[2009-01-04 16:49:05 | 000,004,205 | ---- | C] () -- E:\WINDOWS\ODBCINST.INI
[2008-12-28 17:59:44 | 004,377,500 | ---- | C] () -- E:\WINDOWS\System32\libavcodec.dll
[2008-12-28 16:51:00 | 000,239,247 | ---- | C] () -- E:\WINDOWS\System32\ff_theora.dll
[2008-12-28 16:50:50 | 000,145,609 | ---- | C] () -- E:\WINDOWS\System32\libmpeg2_ff.dll
[2008-12-28 16:49:08 | 000,560,802 | ---- | C] () -- E:\WINDOWS\System32\libmplayer.dll
[2008-12-16 23:31:50 | 000,062,304 | ---- | C] () -- E:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2008-12-12 17:57:38 | 000,142,848 | ---- | C] () -- E:\WINDOWS\System32\ff_liba52.dll
[2008-12-12 12:30:31 | 000,693,792 | ---- | C] () -- E:\WINDOWS\System32\OGACheckControl.dll
[2008-12-09 19:57:26 | 000,183,296 | ---- | C] () -- E:\WINDOWS\System32\ff_samplerate.dll
[2008-12-09 19:57:18 | 000,178,688 | ---- | C] () -- E:\WINDOWS\System32\ff_libmad.dll
[2008-12-09 19:57:02 | 000,113,152 | ---- | C] () -- E:\WINDOWS\System32\ff_unrar.dll
[2008-12-09 19:56:42 | 000,146,944 | ---- | C] () -- E:\WINDOWS\System32\ff_tremor.dll
[2008-12-09 19:56:34 | 000,257,024 | ---- | C] () -- E:\WINDOWS\System32\ff_libdts.dll
[2008-12-09 19:56:22 | 000,485,888 | ---- | C] () -- E:\WINDOWS\System32\ff_libfaad2.dll
[2008-12-08 14:37:04 | 000,884,237 | ---- | C] () -- E:\WINDOWS\System32\ff_x264.dll
[2008-12-08 14:34:42 | 000,881,664 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2008-12-08 13:53:40 | 000,093,184 | ---- | C] () -- E:\WINDOWS\System32\ff_wmv9.dll
[2008-12-08 13:53:32 | 000,085,504 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll
[2008-12-04 22:46:08 | 000,205,824 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2008-11-26 20:55:22 | 000,683,520 | ---- | C] () -- E:\WINDOWS\System32\ff_kernelDeint.dll
[2008-11-26 19:49:10 | 000,238,080 | ---- | C] () -- E:\WINDOWS\System32\TomsMoComp_ff.dll
[2008-03-29 16:42:22 | 000,245,248 | ---- | C] () -- E:\WINDOWS\System32\dxr.dll
[2008-03-29 16:42:20 | 000,159,744 | ---- | C] () -- E:\WINDOWS\System32\mmfinfo.dll
[2008-03-29 16:42:14 | 000,102,400 | ---- | C] () -- E:\WINDOWS\System32\avss.dll
[2008-03-29 16:42:08 | 000,148,992 | ---- | C] () -- E:\WINDOWS\System32\mkx.dll
[2008-03-29 16:42:04 | 000,141,312 | ---- | C] () -- E:\WINDOWS\System32\mp4.dll
[2008-03-29 16:42:04 | 000,108,032 | ---- | C] () -- E:\WINDOWS\System32\avi.dll
[2008-03-29 16:42:02 | 000,120,832 | ---- | C] () -- E:\WINDOWS\System32\ogm.dll
[2008-03-29 16:42:00 | 000,163,840 | ---- | C] () -- E:\WINDOWS\System32\ts.dll
[2008-03-29 16:41:54 | 000,097,280 | ---- | C] () -- E:\WINDOWS\System32\avs.dll
[2008-03-29 16:41:52 | 000,079,360 | ---- | C] () -- E:\WINDOWS\System32\mkzlib.dll
[2008-03-29 16:41:52 | 000,023,552 | ---- | C] () -- E:\WINDOWS\System32\mkunicode.dll
[2007-10-13 10:30:20 | 000,000,137 | ---- | C] () -- E:\WINDOWS\System32\Registration.ini
[2005-03-26 16:01:34 | 000,049,152 | ---- | C] () -- E:\WINDOWS\System32\rtjpg.dll
[2005-03-26 16:01:32 | 000,106,496 | ---- | C] () -- E:\WINDOWS\System32\DSMyth.dll
[2005-03-26 16:01:28 | 000,180,224 | ---- | C] () -- E:\WINDOWS\System32\MythSource.dll
[2005-02-14 15:27:30 | 001,069,056 | ---- | C] () -- E:\WINDOWS\System32\libmySQL.dll
[2003-08-14 12:17:00 | 000,073,728 | ---- | C] () -- E:\WINDOWS\System32\btsendto_ie.dll
[2003-08-14 12:16:00 | 000,065,536 | ---- | C] () -- E:\WINDOWS\System32\btsendto_wab.dll
[2003-08-14 11:50:00 | 000,065,536 | ---- | C] () -- E:\WINDOWS\System32\btprn2k.dll
[2003-08-14 11:37:00 | 000,022,183 | ---- | C] () -- E:\WINDOWS\System32\drivers\btserial.sys
[2003-05-09 23:36:30 | 000,151,744 | ---- | C] () -- E:\WINDOWS\System32\ir32.dll
[2001-11-14 12:56:00 | 001,802,240 | ---- | C] () -- E:\WINDOWS\System32\lcppn21.dll
[1999-01-22 15:46:58 | 000,065,536 | ---- | C] () -- E:\WINDOWS\System32\MSRTEDIT.DLL
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2009-06-10 07:09:57 | 000,000,000 | ---D | M](E:\WINDOWS\System32\?½) -- E:\WINDOWS\System32\½
[2009-06-10 07:09:57 | 000,000,000 | ---D | C](E:\WINDOWS\System32\?½) -- E:\WINDOWS\System32\½

< End of report >