Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows 8.1 - Comodo findet TrojWare.JS.Agent.PD in Google/Firefox Cache

Windows 8.1 - Comodo findet TrojWare.JS.Agent.PD in Google/Firefox Cache


Log-Analyse und Auswertung: Windows 8.1 - Comodo findet TrojWare.JS.Agent.PD in Google/Firefox Cache

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 15.06.2015, 23:03   #1
Beckz
 
Windows 8.1 - Comodo findet TrojWare.JS.Agent.PD in Google/Firefox Cache - Standard

Windows 8.1 - Comodo findet TrojWare.JS.Agent.PD in Google/Firefox Cache


Hallo,

Seit einiger Zeit (ca. 1-2 Monate) meldet Comodo in regelmäßigen Abständen, dass im Firefox / Chrome Cache TrojWare.JS.Agent.PD gefunden wird - nach Bereinigung taucht dieser aber wieder auf.

Vielen Dank für die Hilfe!

PS: Handyname (mein Klarname) durch Sternchen im GMER log ersetzt - die GMER und Addition Logs sind im Anhang, da sie leider zu groß sind.

Comodo (Was Win32Scar in TF2 ist weiß ich leider auch nicht)
Code:
ATTFilter
<td>2015-06-15 22:40:49*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ab|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ab*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-15 22:39:26*
			</td>
<td>c:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ab|c:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ab*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-15 22:39:00*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ab|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ab*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-14 23:14:30*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0012e3|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0012e3*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-14 23:05:37*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0012e3|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0012e3*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-14 22:06:51*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0010f0|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0010f0*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-14 22:05:55*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0010f0|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0010f0*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-13 23:33:15*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000bf5|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000bf5*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-13 23:20:20*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000bf5|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000bf5*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-13 20:55:38*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0003a3|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0003a3*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-13 20:55:38*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00032c|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00032c*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-13 20:14:39*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0003a3|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0003a3*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-13 20:14:36*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00032c|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00032c*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-08 18:52:09*
			</td>
<td>D:\Steam\SteamApps\common\Team Fortress 2\bin\motionmapper.exe*
			</td>
<td>TrojWare.Win32.Scar.LSA@348353990*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-08 18:52:09*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d4|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d4*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-08 18:45:03*
			</td>
<td>D:\Steam\SteamApps\common\Team Fortress 2\bin\motionmapper.exe*
			</td>
<td>TrojWare.Win32.Scar.LSA@348353990*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-08 18:11:37*
			</td>
<td>C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d4|C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d4*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-05 11:26:50*
			</td>
<td>C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\D7F06C4882F81696D8B79A0F15C972BEA6AF2A21|C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\D7F06C4882F81696D8B79A0F15C972BEA6AF2A21*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-05 11:26:50*
			</td>
<td>C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\4A6A38AE5D61942F78238A2A0A6E6CF84CBBE345|C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\4A6A38AE5D61942F78238A2A0A6E6CF84CBBE345*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-05 11:26:50*
			</td>
<td>C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\3430F9436FAFBB8D2235B3C9BAB17D5B439A31EF|C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\3430F9436FAFBB8D2235B3C9BAB17D5B439A31EF*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-05 11:26:50*
			</td>
<td>C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\78867B090C14D2C6C68106D0D6F9F1C6785DF30D|C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\78867B090C14D2C6C68106D0D6F9F1C6785DF30D*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-05 11:26:50*
			</td>
<td>C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\D4D5FD789ABD91084C62AAB516C31E93208CFD26|C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\D4D5FD789ABD91084C62AAB516C31E93208CFD26*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Quarantäne*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-05 10:10:51*
			</td>
<td>C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\D7F06C4882F81696D8B79A0F15C972BEA6AF2A21|C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\D7F06C4882F81696D8B79A0F15C972BEA6AF2A21*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-05 10:10:50*
			</td>
<td>C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\D4D5FD789ABD91084C62AAB516C31E93208CFD26|C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\D4D5FD789ABD91084C62AAB516C31E93208CFD26*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-05 10:09:51*
			</td>
<td>C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\78867B090C14D2C6C68106D0D6F9F1C6785DF30D|C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\78867B090C14D2C6C68106D0D6F9F1C6785DF30D*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-05 10:09:18*
			</td>
<td>C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\4A6A38AE5D61942F78238A2A0A6E6CF84CBBE345|C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\4A6A38AE5D61942F78238A2A0A6E6CF84CBBE345*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
</tr>
<tr>
<td>2015-06-05 10:09:00*
			</td>
<td>C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\3430F9436FAFBB8D2235B3C9BAB17D5B439A31EF|C:\Users\Beckz\AppData\Local\Mozilla\Firefox\Profiles\uwaxteab.default\cache2\entries\3430F9436FAFBB8D2235B3C9BAB17D5B439A31EF*
			</td>
<td>TrojWare.JS.Agent.PD@300743807*
			</td>
<td>Erkennen*
			</td>
<td>Erfolgreich*
			</td>
defogger_disable
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:57 on 15/06/2015 (Beckz)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Beckz (administrator) on CHRIS on 15-06-2015 22:58:02
Running from C:\Users\Beckz\Downloads
Loaded Profiles: Beckz (Available Profiles: Beckz & Gast)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Spotify Ltd) C:\Users\Beckz\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Curse) C:\Users\Beckz\AppData\Local\Apps\2.0\5VZ0RZCQ.DEW\VNCZ4Z6B.RZ1\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62c0f9ec26c\CurseClient.exe
(Dropbox, Inc.) C:\Users\Beckz\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Beckz\Downloads\Defogger.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-06-09] (COMODO)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-06-07] (Adobe Systems Incorporated)
HKU\S-1-5-21-1551654986-3807097994-1316783454-1002\...\Run: [Battle.net] => D:\Battle.net\Battle.net Launcher.exe [2860080 2015-06-02] (Blizzard Entertainment)
HKU\S-1-5-21-1551654986-3807097994-1316783454-1002\...\Run: [Spotify Web Helper] => C:\Users\Beckz\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-31] (Spotify Ltd)
HKU\S-1-5-21-1551654986-3807097994-1316783454-1002\...\Run: [Spotify] => C:\Users\Beckz\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-31] (Spotify Ltd)
HKU\S-1-5-21-1551654986-3807097994-1316783454-1002\...\Run: [GoogleChromeAutoLaunch_349381C3921A743EC7E4CD3155ACD016] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-10] (Google Inc.)
HKU\S-1-5-21-1551654986-3807097994-1316783454-1002\...\MountPoints2: {37f5a09d-cedc-11e4-bf08-ac220b78bea7} - "H:\aocsetup.exe" /autorun
HKU\S-1-5-21-1551654986-3807097994-1316783454-1002\...\MountPoints2: {6dc50353-cb03-11e4-bf05-ac220b78bea7} - "E:\SETUP.EXE" 
HKU\S-1-5-21-1551654986-3807097994-1316783454-1002\...\MountPoints2: {fdbfa1bc-4185-11e3-be83-ac220b78bea7} - "L:\LaunchU3.exe" -a
Startup: C:\Users\Beckz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2013-11-27] ()
Startup: C:\Users\Beckz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-03-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Beckz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beckz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beckz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beckz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beckz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beckz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beckz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beckz\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1551654986-3807097994-1316783454-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\java\bin\ssv.dll [2014-03-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\java\bin\jp2ssv.dll [2014-03-30] (Oracle Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{E03971CE-16A2-4630-A618-CDA4E8760159}: [NameServer] 156.154.70.25,156.154.71.25

FireFox:
========
FF ProfilePath: C:\Users\Beckz\AppData\Roaming\Mozilla\Firefox\Profiles\uwaxteab.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-04] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\system32\npDeployJava1.dll [2014-03-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> D:\java\bin\plugin2\npjp2.dll [2014-03-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-01] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-08-17] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1551654986-3807097994-1316783454-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-08-17] (Pando Networks)
FF SearchPlugin: C:\Users\Beckz\AppData\Roaming\Mozilla\Firefox\Profiles\uwaxteab.default\searchplugins\dictcc.xml [2014-01-21]
FF SearchPlugin: C:\Users\Beckz\AppData\Roaming\Mozilla\Firefox\Profiles\uwaxteab.default\searchplugins\wowhead.xml [2013-12-26]
FF SearchPlugin: C:\Users\Beckz\AppData\Roaming\Mozilla\Firefox\Profiles\uwaxteab.default\searchplugins\youtube-videosuche.xml [2014-01-26]
FF Extension: Adblock Plus - C:\Users\Beckz\AppData\Roaming\Mozilla\Firefox\Profiles\uwaxteab.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-05]

Chrome: 
=======
CHR Profile: C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-07]
CHR Extension: (Google Docs) - C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-07]
CHR Extension: (Google Drive) - C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-07]
CHR Extension: (YouTube) - C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-07]
CHR Extension: (Google Search) - C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-07]
CHR Extension: (Google Sheets) - C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-07]
CHR Extension: (AdBlock) - C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-07]
CHR Extension: (Google Wallet) - C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-07]
CHR Extension: (Gmail) - C:\Users\Beckz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-30] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2015-03-04] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5541960 2015-06-09] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-06-09] (COMODO)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-13] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-13] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-03-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-03-11] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2012-05-08] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20672 2015-06-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [820928 2015-06-05] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-06-05] (COMODO)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-03-21] (Disc Soft Ltd)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [126696 2015-06-05] (COMODO)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-06-01] (NVIDIA Corporation)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [129856 2012-10-20] (Ray Hinchliffe)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-03-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-15 22:58 - 2015-06-15 22:58 - 00018977 _____ C:\Users\Beckz\Downloads\FRST.txt
2015-06-15 22:57 - 2015-06-15 22:58 - 00000000 ____D C:\FRST
2015-06-15 22:57 - 2015-06-15 22:57 - 02109952 _____ (Farbar) C:\Users\Beckz\Downloads\FRST64.exe
2015-06-15 22:57 - 2015-06-15 22:57 - 00000472 _____ C:\Users\Beckz\Downloads\defogger_disable.log
2015-06-15 22:57 - 2015-06-15 22:57 - 00000000 _____ C:\Users\Beckz\defogger_reenable
2015-06-15 22:56 - 2015-06-15 22:56 - 00050477 _____ C:\Users\Beckz\Downloads\Defogger.exe
2015-06-14 22:03 - 2015-06-14 22:05 - 81179244 _____ C:\Users\Beckz\Downloads\SpackoDeluxeProduction.mov
2015-06-14 21:31 - 2015-06-14 21:39 - 371449164 _____ C:\Users\Beckz\Downloads\Alex_Julinane_Lied.mov
2015-06-14 21:30 - 2015-06-14 21:30 - 17319145 _____ C:\Users\Beckz\Downloads\Steffi 2.MOV
2015-06-14 21:30 - 2015-06-14 21:30 - 17275693 _____ C:\Users\Beckz\Downloads\Steffi 1.MOV
2015-06-14 21:29 - 2015-06-14 21:29 - 01603605 _____ C:\Users\Beckz\Downloads\Maesi.mp4
2015-06-14 21:28 - 2015-06-14 21:29 - 45734639 _____ C:\Users\Beckz\Downloads\Josef.mov
2015-06-14 21:28 - 2015-06-14 21:28 - 02250189 _____ C:\Users\Beckz\Downloads\Dirko.mp4
2015-06-14 00:09 - 2015-06-14 00:09 - 00000046 _____ C:\WINDOWS\wininit.ini
2015-06-09 19:30 - 2015-06-09 19:30 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-09 19:30 - 2015-06-09 19:30 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-09 19:30 - 2015-06-09 19:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-09 19:30 - 2015-06-09 19:30 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-09 19:30 - 2015-06-09 19:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-09 19:30 - 2015-06-09 19:30 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-09 19:30 - 2015-06-09 19:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-09 19:30 - 2015-06-09 19:30 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-09 19:30 - 2015-06-09 19:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-09 19:30 - 2015-06-09 19:30 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-09 19:30 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-09 19:30 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-09 19:30 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-09 19:30 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-09 19:30 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-09 14:00 - 2015-06-09 14:00 - 00000000 ____D C:\Users\Gast\AppData\Local\Google
2015-06-07 19:52 - 2015-06-15 22:57 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-07 19:52 - 2015-06-15 22:46 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-07 19:52 - 2015-06-10 19:58 - 00002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-07 19:52 - 2015-06-07 19:52 - 00004092 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-07 19:52 - 2015-06-07 19:52 - 00003856 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-07 19:52 - 2015-06-07 19:52 - 00000000 ____D C:\Users\Beckz\AppData\Local\Google
2015-06-07 19:52 - 2015-06-07 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-07 19:52 - 2015-06-07 19:52 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-07 19:51 - 2015-06-07 19:51 - 00931408 _____ (Google Inc.) C:\Users\Beckz\Downloads\ChromeSetup.exe
2015-06-07 11:14 - 2015-06-07 11:14 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-03 16:04 - 2015-06-13 23:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 20:39 - 2015-06-01 20:39 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-06-01 20:37 - 2015-06-01 20:39 - 00195912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-06-01 20:37 - 2015-06-01 20:39 - 00031552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 37741712 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 30480528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 22946960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 16185352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 14495448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 13304280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 11830512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 10995528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-01 20:37 - 2015-06-01 20:38 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435306.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435306.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 01050440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00982856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00878816 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00503408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00407112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-01 20:37 - 2015-06-01 20:38 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-01 20:37 - 2015-05-28 09:04 - 42719888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-06-01 20:27 - 2015-06-01 20:28 - 00048784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-06-01 20:27 - 2015-06-01 20:28 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-06-01 19:11 - 2015-06-01 19:11 - 00000000 ____D C:\Users\Beckz\AppData\Local\GWX
2015-06-01 14:51 - 2015-06-01 14:51 - 00000000 ____D C:\Users\Gast\AppData\Local\GWX
2015-05-24 15:23 - 2015-06-15 21:57 - 00000000 ____D C:\Users\Beckz\Documents\The Witcher 3
2015-05-24 15:23 - 2015-05-24 15:23 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-05-24 15:23 - 2015-05-24 15:23 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-05-24 15:23 - 2015-05-24 15:23 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-05-24 15:23 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-05-24 15:22 - 2015-05-24 15:22 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-24 14:07 - 2015-05-24 14:07 - 00000000 ____D C:\Users\Beckz\AppData\Local\openvr
2015-05-20 21:00 - 2015-05-20 21:00 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-20 21:00 - 2015-05-20 21:00 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-20 20:37 - 2015-05-20 21:07 - 670563043 _____ C:\Users\Beckz\Downloads\retropie-v3.0beta2-rpi1.img.gz
2015-05-19 20:19 - 2015-05-19 20:19 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-19 20:19 - 2015-05-19 20:19 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-19 20:19 - 2015-05-19 20:19 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-19 20:19 - 2015-05-19 20:19 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-19 20:19 - 2015-05-19 20:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-19 20:19 - 2015-05-19 20:19 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-19 20:19 - 2015-05-19 20:19 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-19 20:19 - 2015-05-19 20:19 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-19 20:19 - 2015-05-19 20:19 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-19 20:19 - 2015-05-19 20:19 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-19 20:19 - 2015-05-19 20:19 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-19 20:19 - 2015-05-19 20:19 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-15 22:57 - 2014-03-23 10:13 - 00342724 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2015-06-15 22:57 - 2013-11-01 15:36 - 00000000 ____D C:\Users\Beckz
2015-06-15 22:57 - 2013-11-01 15:34 - 01877851 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-15 22:55 - 2014-02-09 14:47 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2015-06-15 22:52 - 2013-09-30 06:14 - 02132518 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-15 22:52 - 2013-09-30 05:56 - 01026792 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-15 22:52 - 2013-09-30 05:56 - 00245954 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-15 22:46 - 2014-03-12 23:57 - 00000000 ___RD C:\Users\Beckz\Dropbox
2015-06-15 22:46 - 2014-03-12 23:56 - 00000000 ____D C:\Users\Beckz\AppData\Roaming\Dropbox
2015-06-15 22:46 - 2014-02-26 20:19 - 00000000 ____D C:\Users\Beckz\AppData\Local\Battle.net
2015-06-15 22:46 - 2013-11-27 19:22 - 00000000 ____D C:\Users\Beckz\AppData\Local\Deployment
2015-06-15 22:46 - 2013-11-01 15:46 - 00000000 ___DO C:\Users\Beckz\SkyDrive
2015-06-15 22:46 - 2013-10-30 23:23 - 00000000 ____D C:\Users\Beckz\AppData\Roaming\Spotify
2015-06-15 22:46 - 2013-10-30 23:23 - 00000000 ____D C:\Users\Beckz\AppData\Local\Spotify
2015-06-15 22:45 - 2014-03-28 17:17 - 00000000 ____D C:\Users\Beckz\AppData\Roaming\ClassicShell
2015-06-15 22:45 - 2013-11-01 15:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-15 22:45 - 2013-09-29 21:04 - 00031604 _____ C:\WINDOWS\PFRO.log
2015-06-15 22:45 - 2013-08-22 16:46 - 00375746 _____ C:\WINDOWS\setupact.log
2015-06-15 22:45 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-15 22:45 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-15 22:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-15 22:17 - 2013-11-01 02:03 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-15 22:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-15 21:14 - 2013-11-01 15:49 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1BF39C4A-C4D8-45CF-A922-6C4F99F1E3A6}
2015-06-15 21:12 - 2015-03-15 04:14 - 00000000 ____D C:\Users\Beckz\Desktop\Games
2015-06-14 22:12 - 2014-08-17 14:40 - 00000000 ____D C:\Users\Beckz\Documents\my games
2015-06-14 00:49 - 2013-10-30 19:19 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1551654986-3807097994-1316783454-1002
2015-06-14 00:11 - 2015-03-19 21:09 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-14 00:11 - 2013-11-01 15:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-14 00:09 - 2014-02-09 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-06-13 23:34 - 2013-10-30 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-13 23:34 - 2013-08-22 16:44 - 00373232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-13 23:33 - 2014-12-12 00:54 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-13 23:33 - 2014-07-10 00:29 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-13 23:33 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-13 23:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-13 23:30 - 2013-10-30 23:23 - 00002051 _____ C:\Users\Beckz\Desktop\Spotify.lnk
2015-06-13 14:26 - 2013-09-24 13:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-13 14:26 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-13 14:22 - 2013-09-24 13:10 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-09 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-09 19:30 - 2013-09-30 06:10 - 02473472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-06-09 19:30 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-09 19:30 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-09 19:28 - 2014-04-17 16:54 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ClassicShell
2015-06-07 11:14 - 2015-02-08 12:22 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-06-05 15:36 - 2013-11-14 12:38 - 00820928 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys
2015-06-05 15:36 - 2013-09-24 11:54 - 00126696 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2015-06-05 15:36 - 2013-09-24 11:54 - 00035056 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2015-06-05 15:36 - 2013-09-24 11:54 - 00020672 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2015-06-05 15:34 - 2013-11-14 12:38 - 00041224 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2015-06-05 15:34 - 2013-09-24 11:53 - 00576824 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2015-06-05 15:34 - 2013-09-24 11:53 - 00444448 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2015-06-05 15:33 - 2013-09-24 11:53 - 00358080 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2015-06-05 15:32 - 2013-09-24 11:53 - 00045760 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll
2015-06-05 15:31 - 2013-09-24 11:53 - 00288448 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2015-06-05 15:31 - 2013-09-24 11:53 - 00040640 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll
2015-06-04 21:15 - 2013-11-01 02:01 - 00000000 ____D C:\Users\Beckz\AppData\Local\Adobe
2015-06-04 21:14 - 2013-11-01 02:03 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-03 23:04 - 2014-07-02 17:56 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-06-03 23:04 - 2014-07-02 17:56 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-06-03 23:04 - 2013-12-17 23:18 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-06-03 23:04 - 2013-12-17 23:18 - 01320304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-06-01 22:31 - 2013-11-06 21:50 - 00001741 _____ C:\Users\Beckz\Desktop\Neues Textdokument.txt
2015-06-01 20:39 - 2014-07-24 20:38 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-06-01 20:39 - 2013-10-10 09:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-01 20:38 - 2014-08-17 18:16 - 15864064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-06-01 20:38 - 2014-08-17 18:16 - 14987528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-06-01 20:38 - 2013-11-01 15:34 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-01 20:38 - 2013-11-01 15:34 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-01 20:38 - 2013-11-01 15:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-01 20:38 - 2013-10-27 10:12 - 17486856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-06-01 20:38 - 2013-10-27 10:12 - 12852152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-06-01 20:38 - 2013-10-27 10:12 - 03379680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-06-01 20:38 - 2013-10-27 10:12 - 02986392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-01 20:38 - 2013-10-10 09:35 - 00112968 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-06-01 20:38 - 2013-10-10 09:35 - 00105288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-06-01 20:28 - 2013-10-10 09:35 - 00052880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-06-01 14:58 - 2013-10-31 21:25 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-05-28 09:04 - 2013-10-27 10:12 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-05-28 06:15 - 2013-11-01 15:34 - 06872904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-28 06:15 - 2013-11-01 15:34 - 03491984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-28 06:15 - 2013-11-01 15:34 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-28 06:15 - 2013-11-01 15:34 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-27 12:48 - 2013-11-01 15:34 - 04408727 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-05-24 15:23 - 2014-04-06 11:05 - 00000000 ____D C:\Users\Beckz\AppData\Roaming\NVIDIA
2015-05-24 15:22 - 2013-09-30 10:50 - 00149954 _____ C:\WINDOWS\DirectX.log
2015-05-21 23:13 - 2014-03-19 21:39 - 00140800 ___SH C:\Users\Beckz\Desktop\Thumbs.db
2015-05-21 18:22 - 2013-11-26 19:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-21 18:22 - 2013-11-26 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-20 23:17 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-20 23:17 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-05-20 20:57 - 2015-04-07 19:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-20 20:57 - 2015-04-07 19:37 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-20 20:57 - 2013-11-26 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-20 20:55 - 2013-09-30 05:59 - 00000000 ____D C:\Program Files\Windows Journal

==================== Files in the root of some directories =======

2015-04-29 17:11 - 2015-05-11 23:59 - 0003961 _____ () C:\Users\Beckz\AppData\Roaming\LTspiceIV.ini
2015-03-15 13:13 - 2015-03-15 19:31 - 0000026 _____ () C:\Users\Beckz\AppData\Local\isoworkshop.ini

Some files in TEMP:
====================
C:\Users\Beckz\AppData\Local\Temp\BackupSetup.exe
C:\Users\Beckz\AppData\Local\Temp\bitool.dll
C:\Users\Beckz\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppvwjhn.dll
C:\Users\Beckz\AppData\Local\Temp\mailcheck_ff_2014_12_02.exe
C:\Users\Beckz\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Beckz\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Beckz\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Beckz\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Beckz\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Beckz\AppData\Local\Temp\nvStInst.exe
C:\Users\Beckz\AppData\Local\Temp\sdan.exe
C:\Users\Beckz\AppData\Local\Temp\sdapk.exe
C:\Users\Beckz\AppData\Local\Temp\sdaspwn.exe
C:\Users\Beckz\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Beckz\AppData\Local\Temp\tmnationsforever_setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-13 19:42

==================== End of log ============================

 

Themen zu Windows 8.1 - Comodo findet TrojWare.JS.Agent.PD in Google/Firefox Cache
.dll, administrator, adobe, bonjour, browser, canon, defender, desktop, explorer, firefox, flash player, geforce, google, log, mozilla, nvidia, realtek, registry, rundll, scan, security, software, svchost.exe, system, windows, winlogon.exe


« DHL Virus / Malware eingefangen | Windows 7: Darstellungsprobleme bei Anwenderprogrammen (insbesondere Browser) »


Ähnliche Themen: Windows 8.1 - Comodo findet TrojWare.JS.Agent.PD in Google/Firefox Cache


  1. Windows 7 N: Comodo endeckt TrojWare.JS.Agent.PD@300743807 immer wieder in Firefox Unterordnern
    Log-Analyse und Auswertung - 11.07.2015 (5)
  2. Comodo wird TrojWare.JS.Agent.PD@300743807 nicht los
    Log-Analyse und Auswertung - 06.07.2015 (18)
  3. Wieso Verbindung zu Google.cache ?
    Überwachung, Datenschutz und Spam - 23.02.2015 (5)
  4. Windows 7: Trojanerfund TR/Dldr.Agent.2343.1 in ..\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\29352a0f-2c1714bd
    Log-Analyse und Auswertung - 04.11.2014 (10)
  5. Firefox stürzt ständig ab und Google findet Seiten nicht
    Log-Analyse und Auswertung - 17.01.2014 (9)
  6. JS/BlacoleRef.DD.38 in Firefox Cache Win 7
    Log-Analyse und Auswertung - 14.11.2013 (5)
  7. Lyrixeeker und Babylon im Sytem (WIN 8 / Google Chrome / Comodo) Logs fertig!
    Plagegeister aller Art und deren Bekämpfung - 25.09.2013 (8)
  8. TrojWare.JS.Agent.IL in AdAware eingenistet?
    Plagegeister aller Art und deren Bekämpfung - 27.04.2013 (17)
  9. Comodo IS Free findet Virus in rss.exe - jetzt Windows Fehlermeldung nach Boot
    Plagegeister aller Art und deren Bekämpfung - 13.04.2013 (19)
  10. EXP/JS.Iframe.AL in Firefox Cache
    Plagegeister aller Art und deren Bekämpfung - 30.08.2012 (52)
  11. Beim starten von dds.com und dds.scr findet comodo .heur.suspicious@1
    Plagegeister aller Art und deren Bekämpfung - 09.04.2012 (3)
  12. TrojWare.Win32.Trojan.Agent.Gen@1 in temp/upd.exe gefunden! Lässt sich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 08.12.2011 (16)
  13. TrojWare.Win32.Trojan.Agent.Gen@146264662 in systempack107_2121.exe
    Plagegeister aller Art und deren Bekämpfung - 28.01.2011 (39)
  14. Firefox Cache: EXP/Pidief.GL
    Plagegeister aller Art und deren Bekämpfung - 14.12.2009 (1)
  15. Trojan.Dropper im Firefox CACHE.
    Plagegeister aller Art und deren Bekämpfung - 07.08.2009 (2)
  16. Firefox Cache
    Plagegeister aller Art und deren Bekämpfung - 14.01.2008 (7)
  17. Firefox findet Google und Hotmail nicht mehr - Hijack!?!
    Plagegeister aller Art und deren Bekämpfung - 03.12.2004 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 8.1 - Comodo findet TrojWare.JS.Agent.PD in Google/Firefox Cache - Hallo, Seit einiger Zeit (ca. 1-2 Monate) meldet Comodo in regelmäßigen Abständen, dass im Firefox / Chrome Cache TrojWare.JS.Agent.PD gefunden wird - nach Bereinigung taucht dieser aber wieder auf. Vielen - Windows 8.1 - Comodo findet TrojWare.JS.Agent.PD in Google/Firefox Cache...
Archiv
Du betrachtest: Windows 8.1 - Comodo findet TrojWare.JS.Agent.PD in Google/Firefox Cache auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131