| Kenworth | 26.12.2012 22:05 |
GVU Trojaner eingefangen
hab mir nen gvu trojaner eingefangen,...es kommt beim normal start und auch im abgesichteren modus die meldung ich möge doch bitte 100€ überweisen,...hab mich in eurem forum schon belesen,..habe mir otl als boot cd gebrannt und auf den infizierten rechner gestartet,...beim start von OTLPE. exe fragt er nur nach "do you wish to load remote user profile(s) for scanning" ,..."yes" und nen haken drin bei "automatically load all remaining users"..ok ,...dann start run scan,...kriege nur nen logfile otl.txt ,..ich hoffe ihr könnt mir helfen,...danke im voraus
logfile OTL.TXT Code:
OTL logfile created on: 12/26/2012 10:00:07 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68.36 Gb Total Space | 13.50 Gb Free Space | 19.75% Space Free | Partition Type: NTFS
Drive D: | 80.69 Gb Total Space | 29.16 Gb Free Space | 36.15% Space Free | Partition Type: NTFS
Drive E: | 3.72 Gb Total Space | 1.46 Gb Free Space | 39.14% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2012/12/25 06:46:32 | 000,206,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Users\Kenworth\wgsdgsdgdsgsd.dll -- (Winmgmt)
SRV - [2012/12/14 14:30:35 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/07 15:09:57 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/10/10 14:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 06:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/08/05 05:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011/08/05 05:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011/08/05 05:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/04 03:30:12 | 001,440,040 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (VGPU)
DRV - File not found [Kernel | On_Demand] -- -- (USBModem)
DRV - File not found [Kernel | On_Demand] -- -- (UsbGps)
DRV - File not found [Kernel | On_Demand] -- -- (UsbDiag)
DRV - File not found [Kernel | On_Demand] -- -- (usbbus)
DRV - File not found [Kernel | On_Demand] -- -- (tsusbhub)
DRV - File not found [Kernel | On_Demand] -- -- (Synth3dVsc)
DRV - [2012/10/30 17:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 17:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 17:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 17:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 17:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/15 11:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\System32\Drivers\aswrdr2.sys -- (aswRdr)
DRV - [2012/10/10 14:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/08/23 09:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 09:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/01/29 04:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2010/01/17 03:51:20 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2007/08/04 03:30:12 | 000,040,488 | ---- | M] (Nero AG) [Kernel | System] -- C:\Windows\System32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007/08/04 03:30:12 | 000,038,952 | ---- | M] (Nero AG) [Kernel | System] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007/08/04 03:30:12 | 000,017,448 | ---- | M] (Nero AG) [Recognizer | System] -- C:\Windows\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2007/08/04 03:30:02 | 000,125,224 | ---- | M] (Nero AG) [File_System | Disabled] -- C:\Windows\System32\drivers\InCDfs.sys -- (InCDfs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Kenworth_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Kenworth_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Kenworth_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.girlsclub.de/start.php?hdid=3933
IE - HKU\Kenworth_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Kenworth_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Kenworth_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E 29 5A C6 5F 97 CA 01 [binary data]
IE - HKU\Kenworth_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Kenworth_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Kenworth_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1466
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/13 13:35:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/07 15:09:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/07 15:09:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/07 15:09:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/07 15:09:51 | 000,000,000 | ---D | M]
[2010/01/17 05:47:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kenworth\AppData\Roaming\Mozilla\Extensions
[2012/10/25 12:46:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kenworth\AppData\Roaming\Mozilla\Firefox\Profiles\icvnugn7.default\extensions
[2012/12/07 15:09:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2012/11/13 13:35:29 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/12/07 15:09:58 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/10 21:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/10/10 21:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/10 21:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/10/10 21:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/10/10 21:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/10 21:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe (Nero AG)
O4 - HKU\Kenworth_ON_C..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\Kenworth_ON_C..\Run: [PC Remote Server] C:\Program Files\PC Remote\PC Remote\PCRemote.exe (PC Remote)
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_C..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Kenworth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{02a33191-75ad-11e0-92ff-002185091ab2}\Shell - "" = AutoRun
O33 - MountPoints2\{02a33191-75ad-11e0-92ff-002185091ab2}\Shell\AutoRun\command - "" = G:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/12/26 21:19:00 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012/12/26 21:18:59 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/12/26 14:10:00 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{AE1CC63E-9502-4609-A425-2EE39B0980C8}
[2012/12/25 06:38:06 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{51414D32-D805-4C1B-A70C-84E99C274992}
[2012/12/24 05:20:40 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{FDE145AD-1CE0-4333-AC6E-7C92BEF81CFD}
[2012/12/23 14:02:10 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{C3C81FB9-9849-45A9-A0A6-2B03FEEBF2C1}
[2012/12/22 14:21:02 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{2777DB7B-18C4-454F-A049-543AD1A31A22}
[2012/12/20 14:46:25 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\Documents\ETS Mod
[2012/12/20 14:41:22 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/20 14:41:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/20 13:47:30 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{F4CF7F31-FED1-43A8-B822-5B5E0C323CAD}
[2012/12/18 14:00:04 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/12/18 14:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/12/18 13:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/12/18 13:57:27 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{896C454E-ADBB-442D-B747-63F8D6E41BE3}
[2012/12/17 13:50:39 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{74738D13-73D4-440D-9AFC-6C7905F1F015}
[2012/12/16 13:30:23 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{6810A933-71A3-4437-AE48-A4BF8B2B5732}
[2012/12/15 05:47:06 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{05B11C0B-39DA-4878-A8AB-303A29D79B64}
[2012/12/14 15:13:48 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/12/14 15:13:48 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2012/12/14 15:13:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/12/14 15:13:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/12/14 15:13:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/12/14 15:13:46 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/12/14 15:13:45 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2012/12/14 15:13:44 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/12/14 15:13:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/12/14 15:13:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/12/14 13:57:08 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/12/14 13:57:02 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012/12/14 13:57:01 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/12/14 13:56:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/14 13:56:57 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012/12/14 13:56:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/14 13:56:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012/12/14 13:56:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012/12/14 13:56:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/14 13:56:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/14 13:56:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/14 13:56:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012/12/14 13:56:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012/12/14 13:56:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/14 13:56:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012/12/14 13:56:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/14 13:56:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/14 13:56:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012/12/14 13:56:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012/12/14 13:56:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/14 13:56:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/14 13:56:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/14 13:56:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012/12/14 13:56:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/14 13:56:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012/12/14 13:56:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/14 13:56:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/14 13:56:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012/12/14 13:56:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012/12/14 13:56:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012/12/14 13:56:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012/12/14 13:56:47 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012/12/14 13:56:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/12/14 13:49:08 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{F512EB3B-6602-4CD8-9BEA-0CE3428C99A1}
[2012/12/09 13:23:43 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{C7F3520B-33B9-4B95-B742-A0234E6855DA}
[2012/12/08 05:49:26 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{654FAB02-AB36-4F8A-806D-8DC66E2513BC}
[2012/12/07 15:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/12/07 14:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/12/07 14:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/12/07 14:19:43 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/12/07 14:19:43 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/12/07 14:19:43 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/12/07 14:19:36 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/12/07 14:19:36 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/12/07 14:19:36 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012/12/07 14:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/12/07 14:18:10 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Roaming\XnView
[2012/12/07 14:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
[2012/12/07 14:17:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmoK Exif Sorter
[2012/12/07 14:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\AmoK Exif Sorter
[2012/12/07 14:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\XnView
[2012/12/05 14:41:09 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2012/12/05 14:39:57 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\iLivid
[2012/12/05 14:10:35 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{5A73656D-EC01-4755-B165-7C671CF11E62}
[2012/12/04 16:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2012/12/04 16:15:48 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\Documents\Euro Truck Simulator 2
[2012/12/04 16:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\Euro Truck Simulator 2
[2012/12/04 13:47:36 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{677C8C63-B168-4CEC-A9F5-5910199BBE87}
[2012/11/30 13:05:15 | 000,000,000 | ---D | C] -- C:\Users\Kenworth\AppData\Local\{B8E694EA-6B3B-4F82-AD24-7155FAF12AA7}
========== Files - Modified Within 30 Days ==========
[2012/12/26 15:27:04 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/12/26 15:24:56 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/26 15:24:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/26 15:24:42 | 1610,113,024 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/26 14:59:53 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/26 14:59:53 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/26 14:59:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/25 15:30:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/25 06:46:36 | 000,002,965 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2012/12/25 06:46:36 | 000,001,051 | ---- | M] () -- C:\Users\Kenworth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012/12/22 14:19:35 | 000,409,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/12/18 14:00:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/12/16 09:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/16 09:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/14 14:30:35 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/12/14 14:30:34 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/12/08 05:49:24 | 000,001,990 | ---- | M] () -- C:\Users\Kenworth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/12/07 14:19:31 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012/12/07 14:19:29 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/12/07 14:19:29 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/12/07 14:19:29 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/12/07 14:19:27 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/12/07 14:19:27 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/12/07 14:18:31 | 000,000,889 | ---- | M] () -- C:\Users\Kenworth\Desktop\XnView.lnk
[2012/12/07 14:17:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
[2012/12/07 14:17:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmoK Exif Sorter
[2012/12/04 16:15:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2012/12/04 16:05:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\German Truck Simulator
[2012/11/30 13:10:55 | 000,711,162 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/11/30 13:10:55 | 000,656,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/11/30 13:10:55 | 000,152,434 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/11/30 13:10:55 | 000,124,930 | ---- | M] () -- C:\Windows\System32\perfc009.dat
========== Files Created - No Company Name ==========
[2012/12/25 06:46:36 | 000,002,965 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2012/12/25 06:46:36 | 000,001,051 | ---- | C] () -- C:\Users\Kenworth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012/12/25 06:46:34 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/12/07 14:17:05 | 000,000,889 | ---- | C] () -- C:\Users\Kenworth\Desktop\XnView.lnk
[2012/12/05 14:41:23 | 000,001,047 | ---- | C] () -- C:\Users\Kenworth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
[2012/02/19 13:53:00 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012/02/19 13:52:59 | 000,000,229 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012/02/19 13:50:08 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2012/02/19 13:49:33 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011/06/29 01:37:40 | 000,000,110 | ---- | C] () -- C:\Users\Kenworth\AppData\default.pls
[2011/06/09 23:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/05/08 03:26:31 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/05/08 03:26:31 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/03/15 06:51:58 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/03/15 06:51:30 | 000,252,928 | ---- | C] () -- C:\Windows\System32\DShowRdpFilter.dll
[2011/03/15 06:50:29 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/01/17 05:44:42 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/01/17 05:44:42 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010/01/03 05:15:23 | 000,000,017 | ---- | C] () -- C:\Users\Kenworth\AppData\Local\resmon.resmoncfg
[2009/07/14 03:47:43 | 000,711,162 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009/07/14 03:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009/07/14 03:47:43 | 000,152,434 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009/07/14 03:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,409,384 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,656,190 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,124,930 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008/10/07 03:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 03:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
========== LOP Check ==========
[2011/07/24 06:18:01 | 000,000,000 | ---D | M] -- C:\Users\Kenworth\AppData\Roaming\becker
[2010/01/17 07:11:35 | 000,000,000 | ---D | M] -- C:\Users\Kenworth\AppData\Roaming\COWON
[2012/02/19 14:31:30 | 000,000,000 | ---D | M] -- C:\Users\Kenworth\AppData\Roaming\Mp3tag
[2011/03/15 05:34:51 | 000,000,000 | ---D | M] -- C:\Users\Kenworth\AppData\Roaming\PC Remote
[2012/11/25 08:10:14 | 000,000,000 | ---D | M] -- C:\Users\Kenworth\AppData\Roaming\Rename Expert
[2012/12/18 14:25:14 | 000,000,000 | ---D | M] -- C:\Users\Kenworth\AppData\Roaming\XnView
[2010/01/02 13:53:43 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2011/03/02 13:53:16 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2011/05/02 13:53:55 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2010/01/02 13:53:43 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2010/01/02 13:53:43 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2010/01/02 13:53:43 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2011/05/08 03:26:45 | 000,000,000 | ---D | M] -- C:\ProgramData\LGMOBILEAX
[2012/02/08 13:37:45 | 000,000,000 | ---D | M] -- C:\ProgramData\MSScanAppDataDir
[2012/02/19 13:55:29 | 000,000,000 | ---D | M] -- C:\ProgramData\SSScanAppDataDir
[2010/01/02 13:53:43 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2010/01/02 13:53:43 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2011/11/20 12:52:16 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
|
AdwCleaner auf deinen Desktop.