OLT.txt:OTL Logfile: Code:
OTL logfile created on: 2/28/2013 3:10:26 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
502.00 Mb Total Physical Memory | 317.00 Mb Available Physical Memory | 63.00% Memory free
454.00 Mb Paging File | 330.00 Mb Available in Paging File | 73.00% Paging File free
Paging file location(s): D:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Programme
Drive C: | 11.24 Gb Total Space | 6.79 Gb Free Space | 60.44% Space Free | Partition Type: NTFS
Drive D: | 26.01 Gb Total Space | 2.91 Gb Free Space | 11.20% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2013/01/25 11:52:34 | 000,161,792 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Dokumente und Einstellungen\brunnet.HANDELSA-CL09O1\2382105.exe -- (winmgmt)
SRV - [2013/01/13 07:58:35 | 000,711,112 | ---- | M] () [Auto] -- D:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2013/01/12 08:45:25 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/29 09:23:08 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007/01/09 10:16:12 | 000,061,440 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Auto] -- D:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe -- (MZCCntrl)
SRV - [2003/11/05 07:32:16 | 000,053,340 | ---- | M] (Fujitsu Siemens Computers) [Auto] -- D:\Programme\DeskView\DVAnPMan\DVAnPMan.exe -- (DVAnPMan)
SRV - [2003/07/28 05:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (SNIF0011)
DRV - File not found [Kernel | On_Demand] -- -- (SNIF0010)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2013/01/20 10:28:09 | 000,013,024 | ---- | M] () [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2013/01/13 07:58:46 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System] -- D:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/01/12 08:45:28 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/01/12 08:45:28 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- D:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 05:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/09/24 04:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/01/25 18:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2007/01/25 18:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\avmeject.sys -- (avmeject)
DRV - [2006/10/09 08:03:56 | 000,017,152 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand] -- D:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys -- (MIINPazX)
DRV - [2006/10/09 06:46:44 | 000,017,536 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand] -- D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)
DRV - [2006/10/04 02:14:26 | 000,017,280 | ---- | M] (Marmiko IT-Solutions GmbH) [Kernel | On_Demand] -- D:\Programme\Gemeinsame Dateien\Marmiko Shared\MAcNdis5.sys -- (MACNDIS5)
DRV - [2006/01/12 06:46:28 | 000,252,928 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2004/08/24 15:42:00 | 000,319,104 | R--- | M] (Ralink Technology Inc.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2004/08/04 00:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004/01/14 16:08:56 | 000,381,856 | ---- | M] (Deutsche Telekom AG) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\TS154ICB.sys -- (TS154_CB)
DRV - [2003/05/12 11:30:14 | 000,015,104 | ---- | M] (Deutsche Telekon) [Kernel | On_Demand] -- D:\Programme\T-COM\T-COM WLAN Manager T-Sinus 154card\Installer\WINXP\w32n5223.sys -- (w32n5223)
DRV - [2003/04/02 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2003/04/02 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/08/17 22:35:52 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2000/07/23 18:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto] -- D:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)
DRV - [1999/12/31 19:00:00 | 000,674,560 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\w70n51.sys -- (w70n51) Intel(R)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\brunnet.HANDELSA-CL09O1_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://t-online.de/
IE - HKU\brunnet.HANDELSA-CL09O1_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService.NT-AUTORITÄT_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService.NT-AUTORITÄT_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: D:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: D:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\AVG Secure Search\FireFoxExt\13.2.0.5 [2013/01/13 08:02:30 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2003/04/02 07:00:00 | 000,000,820 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Programme\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Programme\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKU\brunnet.HANDELSA-CL09O1_ON_D\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\brunnet.HANDELSA-CL09O1_ON_D\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] D:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
O4 - HKLM..\Run: [SoundMan] D:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] D:\Programme\Java\j2re1.4.2_01\bin\jusched.exe ()
O4 - HKLM..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKLM..\Run: [vProt] D:\Programme\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [T-Online_Software_6\WLAN-Access Finder] D:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKU\brunnet.HANDELSA-CL09O1_ON_D..\Run: [SlimDrivers] D:\Programme\SlimDrivers\SlimDrivers.exe (SlimWare Utilities, Inc.)
O4 - HKU\brunnet.HANDELSA-CL09O1_ON_D..\Run: [T-Online_Software_6\WLAN-Access Finder] D:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - Startup: D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\OnlineControl.lnk = D:\Programme\OnlineControl\ocontrol.exe (T-Com Bereich Endgeräte)
O4 - Startup: D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\T-COM WLAN Manager T-Sinus 154card.lnk = D:\Programme\T-COM\T-COM WLAN Manager T-Sinus 154card\Installer\WINXP\DT11GMonitor.exe ()
O4 - Startup: D:\Dokumente und Einstellungen\brunnet.HANDELSA-CL09O1\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\brunnet.HANDELSA-CL09O1_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService.NT-AUTORITÄT_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService.NT-AUTORITÄT_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - D:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O30 - LSA: Authentication Packages - (nwprovau) - D:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/04 13:36:42 | 000,000,087 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2013/01/12 07:40:45 | 000,000,000 | ---- | M] () - C:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2004/04/14 04:37:49 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{a3174530-c8ba-11df-b2e6-000b5d2a6ce7}\Shell - "" = AutoRun
O33 - MountPoints2\{a3174530-c8ba-11df-b2e6-000b5d2a6ce7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a3174530-c8ba-11df-b2e6-000b5d2a6ce7}\Shell\AutoRun\command - "" = D:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.hta
O33 - MountPoints2\{b4e6f0b0-c8bb-11df-b2e7-000b5d2a6ce7}\Shell - "" = AutoRun
O33 - MountPoints2\{b4e6f0b0-c8bb-11df-b2e7-000b5d2a6ce7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b4e6f0b0-c8bb-11df-b2e7-000b5d2a6ce7}\Shell\AutoRun\command - "" = D:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.hta
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/01/25 11:52:34 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Dokumente und Einstellungen\brunnet.HANDELSA-CL09O1\2382105.exe
[4 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[1 D:\*.tmp files -> D:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/02/28 09:01:22 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2013/02/28 07:54:46 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2013/02/24 06:16:57 | 095,023,320 | ---- | M] () -- D:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\5012832.pad
[4 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[1 D:\*.tmp files -> D:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/01/25 11:53:27 | 000,002,961 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\5012832.js
[2013/01/25 11:52:59 | 095,023,320 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\5012832.pad
[2013/01/12 09:35:08 | 000,049,152 | ---- | C] () -- D:\WINDOWS\System32\ChCfg.exe
[2013/01/12 09:11:42 | 000,147,456 | ---- | C] () -- D:\WINDOWS\System32\RtlCPAPI.dll
[2013/01/12 07:56:58 | 000,013,024 | ---- | C] () -- D:\WINDOWS\System32\drivers\SWDUMon.sys
[2011/06/23 07:03:06 | 000,097,360 | ---- | C] () -- D:\WINDOWS\System32\drivers\Fwusb1b.bin
[2010/04/16 06:22:42 | 000,026,624 | ---- | C] () -- D:\WINDOWS\System32\BRGSRC32.DLL
[2010/04/16 06:22:42 | 000,004,608 | ---- | C] () -- D:\WINDOWS\System32\BRGSRC16.DLL
[2010/04/16 06:22:42 | 000,000,142 | ---- | C] () -- D:\WINDOWS\BRVIDEO.INI
[2010/04/16 06:22:42 | 000,000,040 | ---- | C] () -- D:\WINDOWS\BRDIAG.INI
[2010/04/16 06:22:42 | 000,000,000 | ---- | C] () -- D:\WINDOWS\brmx2001.ini
[2010/04/16 06:22:39 | 000,000,114 | ---- | C] () -- D:\WINDOWS\System32\brlmw03a.ini
[2010/04/16 06:22:38 | 000,009,030 | ---- | C] () -- D:\WINDOWS\HL-2070N.INI
[2010/04/16 06:22:09 | 000,000,416 | ---- | C] () -- D:\WINDOWS\BRWMARK.INI
[2010/04/16 06:21:42 | 000,000,054 | ---- | C] () -- D:\WINDOWS\System32\bd2070n.dat
[2010/04/16 06:21:36 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\PTRCGER.DLL
[2010/04/16 06:20:58 | 000,000,239 | ---- | C] () -- D:\WINDOWS\Brownie.ini
[2009/06/14 11:05:00 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2009/02/15 13:41:42 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2009/02/14 11:40:16 | 000,000,068 | ---- | C] () -- D:\WINDOWS\SNISTATE.INI
[2009/02/14 11:30:03 | 000,062,161 | ---- | C] () -- D:\WINDOWS\DeskMon.ini
[2009/02/14 11:30:03 | 000,001,709 | ---- | C] () -- D:\WINDOWS\SmartMon.ini
[2009/02/14 11:29:27 | 000,025,449 | ---- | C] () -- D:\WINDOWS\PCInfo.ini
[2009/02/10 16:50:58 | 000,000,020 | ---- | C] () -- D:\WINDOWS\Hposcv07.INI
[2009/02/10 16:27:58 | 000,086,016 | ---- | C] () -- D:\WINDOWS\System32\install.dll
[2009/02/10 16:24:17 | 000,000,400 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2009/02/10 16:05:31 | 000,000,156 | ---- | C] () -- D:\Dokumente und Einstellungen\brunnet.HANDELSA-CL09O1\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/02/10 15:01:49 | 000,005,120 | ---- | C] () -- D:\Dokumente und Einstellungen\brunnet.HANDELSA-CL09O1\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/10 14:50:51 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2009/02/10 14:45:31 | 000,001,082 | ---- | C] () -- D:\WINDOWS\System32\OEMINFO.INI
[2009/02/10 14:43:16 | 000,028,771 | ---- | C] () -- D:\WINDOWS\System32\javaw.exe
[2009/02/10 14:43:16 | 000,024,673 | ---- | C] () -- D:\WINDOWS\System32\java.exe
[2009/02/10 14:34:20 | 000,021,740 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2009/02/10 14:22:29 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2009/02/10 14:20:59 | 000,208,896 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2003/07/30 04:49:22 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2003/07/30 04:48:28 | 000,004,711 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2003/04/02 07:00:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2003/04/02 07:00:00 | 000,395,074 | ---- | C] () -- D:\WINDOWS\System32\perfh007.dat
[2003/04/02 07:00:00 | 000,383,588 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2003/04/02 07:00:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2003/04/02 07:00:00 | 000,269,480 | ---- | C] () -- D:\WINDOWS\System32\perfi007.dat
[2003/04/02 07:00:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2003/04/02 07:00:00 | 000,064,994 | ---- | C] () -- D:\WINDOWS\System32\perfc007.dat
[2003/04/02 07:00:00 | 000,053,942 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2003/04/02 07:00:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2003/04/02 07:00:00 | 000,034,478 | ---- | C] () -- D:\WINDOWS\System32\perfd007.dat
[2003/04/02 07:00:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2003/04/02 07:00:00 | 000,001,804 | ---- | C] () -- D:\WINDOWS\System32\dcache.bin
[2003/04/02 07:00:00 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat
[2003/02/20 11:53:42 | 000,005,702 | ---- | C] () -- D:\WINDOWS\System32\OUTLPERF.INI
[2002/05/23 19:27:20 | 000,159,744 | ---- | C] () -- D:\WINDOWS\System32\win2000.dll
========== LOP Check ==========
[2013/01/12 07:58:43 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\brunnet.HANDELSA-CL09O1\Anwendungsdaten\AVG Secure Search
[2009/02/10 16:51:26 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\brunnet.HANDELSA-CL09O1\Anwendungsdaten\Ordner HP Share-to-Web
[2009/02/10 16:05:08 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\brunnet.HANDELSA-CL09O1\Anwendungsdaten\T-Online
[2010/11/12 05:24:38 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\brunnet.HANDELSA-CL09O1\Anwendungsdaten\TuneUp Software
[2013/01/13 08:02:41 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\AVG Secure Search
[2009/02/11 14:17:47 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\T-Online
[2010/11/12 05:26:34 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\TuneUp Software
[2010/01/17 11:03:22 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Zylom
[2010/11/12 05:23:29 | 000,000,000 | -HSD | M] -- D:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010/02/21 11:03:58 | 000,000,000 | -HSD | M] -- D:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> D:\kopie.txt.bat:�SummaryInformation
< End of report >
--- --- ---
eine Extra.txt habe ich nicht gefunden.
das system liegt auch auf D:, es ist also D:\OLT.txt |
