Posted: 05 Nov 2013 11:12
- Joined: 28 Feb 2012
- Posts: 146
- Location: beograd

I keep getting this error, and nobody knows what the error is about ... at startup, when the desktop loads

Posted: 05 Nov 2013 12:12
- TwinHeadedEagle

- Anti Malware Fighter
Rank 2
- Joined: 09 Aug 2011
- Posts: 15879
- Location: Beograd

Follow the instructions and submit the reports
[Link visible only to logged-in users]

Posted: 05 Nov 2013 12:35
- Joined: 28 Feb 2012
- Posts: 146
- Location: beograd

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2
Run by PGS.SpawN-Living at 12:32:56 on 2013-11-05
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4060.588 [GMT 1:00]
.
AV: Advanced SystemCare Ultimate *Enabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\PGS.SpawN-Living\Downloads\TorchSetup-r69-n-bc.exe
C:\Windows\system32\taskhost.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Update\29.0.0.4888\TorchUpdate.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link visible only to logged-in users]
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
uRun: [Microsoft Update] C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
mRun: [MSIAfterburner] "C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe" /s
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Windows Update] C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
uExplorerRun: [Policies] C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
mExplorerRun: [Policies] C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{85C86AF3-970D-497D-ABA2-C1200F1F835F} : DHCPNameServer = 89.216.1.30 89.216.1.50
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {683TY3FF-NB36-PP53-071W-A58HE82745K1} - C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-STS: {F791A188-699D-4FD4-955A-EB59E89B1907} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\oks86jg0.default\
FF - plugin: C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll
FF - plugin: C:\Users\PGS.SpawN-Living\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\PGS.SpawN-Living\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-10-23 06:40; [Link visible only to logged-in users]; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afext@anchorfree.com
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-8-28 17720]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2013-7-15 22128]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-7-16 283064]
R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2013-10-23 44744]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe [2013-7-15 1051088]
R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe [2013-7-15 621008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-25 14997280]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-15 414496]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-11-2 5087584]
R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\System32\drivers\nvoclk64.sys [2009-9-15 42088]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-10-11 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-9-13 872152]
R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-9-17 42184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2013-7-25 21712]
S3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2013-10-16 18360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-15 19456]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-7-15 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-15 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-7-15 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2013-9-5 166112]
S4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-7-15 169432]
.
=============== Created Last 30 ================
.
2013-11-05 10:49:48 101888 ----a-w- C:\Windows\SysWow64\VB6STKIT.DLL
2013-11-05 10:49:01 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Torch
2013-11-05 01:49:38 -------- d-----w- C:\ProgramData\.mono
2013-11-04 04:19:02 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9163EAFF-B210-46E7-BE47-ED2C074555AA}\offreg.dll
2013-11-04 04:10:11 -------- d-----w- C:\ProgramData\WinterSoft
2013-11-04 04:09:55 -------- d-----w- C:\Program Files (x86)\Ss-Helper
2013-11-04 04:09:16 -------- d-----w- C:\ProgramData\InstallMate
2013-11-04 00:09:47 -------- d-----r- C:\Program Files (x86)\Skype
2013-11-03 13:11:11 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\LolClient
2013-11-03 12:07:44 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2013-11-03 12:07:44 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2013-11-03 12:07:43 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2013-11-03 12:07:43 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2013-11-03 12:07:40 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2013-11-03 12:07:23 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2013-11-03 12:06:11 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\PMB Files
2013-11-03 12:06:09 -------- d-----w- C:\ProgramData\PMB Files
2013-11-03 12:06:06 -------- d-----w- C:\Program Files (x86)\Pando Networks
2013-11-03 12:03:54 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Riot Games
2013-11-03 04:19:48 -------- d-sh--w- C:\$RECYCLE.BIN
2013-11-01 07:29:39 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9163EAFF-B210-46E7-BE47-ED2C074555AA}\mpengine.dll
2013-11-01 04:35:14 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft Games
2013-11-01 02:22:54 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\FluxSoftware
2013-10-31 03:10:45 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Dev-Cpp
2013-10-31 03:09:13 -------- d-----w- C:\Program Files (x86)\Dev-Cpp
2013-10-30 01:48:56 -------- d-----w- C:\ProgramData\Overwolf
2013-10-27 08:05:50 -------- d-----w- C:\ProgramData\3DMGAME
2013-10-26 23:53:57 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Macromedia
2013-10-26 00:06:19 -------- d-----w- C:\Program Files\CPUID
2013-10-23 04:31:39 44744 ----a-w- C:\Windows\System32\drivers\hssdrv6.sys
2013-10-22 00:05:54 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\ActiveState
2013-10-21 22:55:37 -------- d-----w- C:\Perl64
2013-10-20 21:25:49 -------- d-----w- C:\Program Files (x86)\Flood Ping Break Point Tester
2013-10-20 21:25:33 73216 ----a-w- C:\Windows\ST6UNST.EXE
2013-10-20 21:25:33 249856 ------w- C:\Windows\Setup1.exe
2013-10-20 21:02:11 499712 ----a-w- C:\Windows\SysWow64\MSVCP71.DLL
2013-10-20 21:02:11 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-10-20 20:56:49 1355776 ----a-w- C:\Windows\System32\msvbvm50.dll
2013-10-20 20:50:44 1657213 ----a-w- C:\csdos.exe
2013-10-20 20:22:50 1009336 ----a-w- C:\Windows\SysWow64\mschrt20.ocx
2013-10-20 20:22:48 -------- d-----w- C:\Program Files (x86)\Net Tools
2013-10-20 20:14:29 149301 ----a-w- C:\Windows\Pinger Uninstaller.exe
2013-10-20 20:14:27 -------- d-----w- C:\Program Files (x86)\Pinger
2013-10-20 03:15:44 -------- d-----w- C:\found.000
2013-10-19 23:01:05 -------- d-----w- C:\Program Files (x86)\Intelore
2013-10-18 02:19:10 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Game Updater
2013-10-17 21:50:40 -------- d-----w- C:\ProgramData\Pivot Animator
2013-10-17 21:50:28 -------- d-----w- C:\Program Files (x86)\Pivot Animator
2013-10-17 04:30:07 -------- d-----w- C:\ProgramData\Oracle
2013-10-17 04:29:47 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-15 23:51:02 -------- d-----w- C:\Program Files (x86)\Overwolf
2013-10-15 23:51:02 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2013-10-15 14:54:06 589600 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-10-12 12:51:04 98816 ----a-w- C:\Windows\sed.exe
2013-10-12 12:51:04 256000 ----a-w- C:\Windows\PEV.exe
2013-10-12 12:51:04 208896 ----a-w- C:\Windows\MBR.exe
2013-10-11 01:48:05 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-10-11 01:48:05 196384 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-10-11 01:48:04 1884448 ----a-w- C:\Windows\System32\nvdispco6432723.dll
2013-10-11 01:48:04 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432723.dll
2013-10-11 01:43:16 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-10-11 01:43:16 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-10-10 05:58:12 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Facebook
2013-10-09 18:56:51 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-09 09:58:02 4879744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-10-09 09:58:02 4879744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-10-07 14:41:30 89360 ----a-w- C:\Windows\SysWow64\VB5DB.DLL
2013-10-07 14:41:30 415504 ----a-w- C:\Windows\SysWow64\MSREPL35.DLL
2013-10-07 14:41:30 252176 ----a-w- C:\Windows\SysWow64\MSRD2X35.DLL
2013-10-07 14:41:30 24848 ----a-w- C:\Windows\SysWow64\MSJTER35.DLL
2013-10-07 14:41:30 123664 ----a-w- C:\Windows\SysWow64\MSJINT35.DLL
2013-10-07 14:41:30 119808 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2013-10-07 14:41:29 570128 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\DAO350.DLL
2013-10-07 14:41:29 440352 ----a-w- C:\Windows\SysWow64\MSHFLXGD.OCX
2013-10-07 14:41:29 152848 ----a-w- C:\Windows\SysWow64\COMDLG32.OCX
2013-10-07 14:41:29 1046288 ----a-w- C:\Windows\SysWow64\MSJET35.DLL
2013-10-07 14:41:29 -------- d-----w- C:\Program Files (x86)\FreeFolderHider
.
==================== Find3M ====================
.
2013-10-15 21:47:39 6665504 ----a-w- C:\Windows\System32\nvcpl.dll
2013-10-15 21:47:39 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-10-15 21:47:36 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-10-15 21:47:36 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-10-15 21:47:36 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-10-12 13:26:14 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-12 13:26:14 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-08 19:14:15 3398914 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-17 20:33:40 42184 ----a-w- C:\Windows\System32\drivers\taphss6.sys
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-09-03 12:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-08-20 13:32:58 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-08-18 00:11:46 229984 ----a-w- C:\Windows\System32\drivers\05837735.sys
.
============= FINISH: 12:33:34.94 ===============

Posted: 05 Nov 2013 23:13
- Joined: 28 Feb 2012
- Posts: 146
- Location: beograd

I couldn't find that Zoek log :S it appeared while it was running, but the error is still there :SSSSSSS

Posted: 06 Nov 2013 07:33
- Joined: 28 Feb 2012
- Posts: 146
- Location: beograd

Written: 05 Nov 2013 23:30

ComboFix 13-11-01.03 - PGS.SpawN-Living 11/03/2013 5:11.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4060.2546 [GMT 1:00]
Running from: c:\users\PGS.SpawN-Living\Downloads\ComboFix.exe
AV: Advanced SystemCare Ultimate *Enabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\WinPCap
c:\program files (x86)\WinPCap\daemon_mgm.exe
c:\program files (x86)\WinPCap\INSTALL.LOG
c:\program files (x86)\WinPCap\npf_mgm.exe
c:\program files (x86)\WinPCap\rpcapd.exe
c:\program files (x86)\WinPCap\Uninstall.exe
C:\readme.txt
c:\users\PGS.SpawN-Living\AppData\Roaming\dclogs
c:\users\PGS.SpawN-Living\AppData\Roaming\dclogs\2013-10-20-1.dc
c:\windows\security\Database\tmp.edb
c:\windows\system32\driver\svchost.exe
c:\windows\SysWow64\drivers\npf.sys
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
Infected copy of c:\windows\system32\Services.exe was found and disinfected
Restored copy from - c:\windows\erdnt\cache64\services.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2013-10-03 to 2013-11-03 )))))))))))))))))))))))))))))))
.
.
2013-11-03 04:17 . 2013-11-03 04:17 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-03 04:17 . 2013-11-03 04:17 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-03 04:17 . 2013-11-03 04:17 -------- d-----w- c:\users\PGS~1~SPA\AppData\Local\temp
2013-11-03 04:17 . 2013-11-03 04:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-01 07:29 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9163EAFF-B210-46E7-BE47-ED2C074555AA}\mpengine.dll
2013-11-01 04:35 . 2013-11-01 04:39 -------- d-----w- c:\users\PGS.SpawN-Living\AppData\Local\Microsoft Games
2013-11-01 02:22 . 2013-11-01 02:22 -------- d-----w- c:\users\PGS.SpawN-Living\AppData\Local\FluxSoftware
2013-10-31 03:10 . 2013-10-31 03:18 -------- d-----w- c:\users\PGS.SpawN-Living\AppData\Roaming\Dev-Cpp
2013-10-31 03:09 . 2013-10-31 03:09 -------- d-----w- c:\program files (x86)\Dev-Cpp
2013-10-30 01:48 . 2013-10-30 01:48 -------- d-----w- c:\programdata\Overwolf
2013-10-27 08:05 . 2013-10-27 08:05 -------- d-----w- c:\programdata\3DMGAME
2013-10-26 23:53 . 2013-10-26 23:53 -------- d-----w- c:\users\PGS.SpawN-Living\AppData\Local\Macromedia
2013-10-26 00:06 . 2013-10-26 00:06 -------- d-----w- c:\program files\CPUID
2013-10-23 04:31 . 2013-10-16 01:42 44744 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2013-10-22 03:25 . 2013-10-22 03:30 -------- d-----w- c:\users\PGS.SpawN-Living\AppData\Roaming\Notepad++
2013-10-22 03:25 . 2013-10-22 03:25 -------- d-----w- c:\program files (x86)\Notepad++
2013-10-22 00:05 . 2013-10-22 00:05 -------- d-----w- c:\users\PGS.SpawN-Living\AppData\Local\ActiveState
2013-10-21 22:55 . 2013-10-21 22:58 -------- d-----w- C:\Perl64
2013-10-20 21:25 . 2013-10-20 21:25 -------- d-----w- c:\program files (x86)\Flood Ping Break Point Tester
2013-10-20 21:25 . 2013-10-20 21:25 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-10-20 21:25 . 2013-10-20 21:25 249856 ------w- c:\windows\Setup1.exe
2013-10-20 21:02 . 2004-01-11 22:00 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-10-20 21:02 . 2003-03-19 01:14 499712 ----a-w- c:\windows\SysWow64\MSVCP71.DLL
2013-10-20 20:56 . 1999-12-16 00:00 1355776 ----a-w- c:\windows\system32\msvbvm50.dll
2013-10-20 20:50 . 2006-12-18 22:57 1657213 ----a-w- C:\csdos.exe
2013-10-20 20:22 . 2001-04-05 14:43 1009336 ----a-w- c:\windows\SysWow64\mschrt20.ocx
2013-10-20 20:22 . 2013-10-20 21:58 -------- d-----w- c:\program files (x86)\Net Tools
2013-10-20 20:14 . 2013-10-20 20:14 149301 ----a-w- c:\windows\Pinger Uninstaller.exe
2013-10-20 20:14 . 2013-10-20 20:43 -------- d-----w- c:\program files (x86)\Pinger
2013-10-20 03:15 . 2013-10-20 03:15 -------- d-----w- C:\found.000
2013-10-19 23:01 . 2013-10-19 23:01 -------- d-----w- c:\program files (x86)\Intelore
2013-10-18 02:19 . 2013-10-18 02:48 -------- d-----w- c:\users\PGS.SpawN-Living\AppData\Local\Game Updater
2013-10-17 21:50 . 2013-10-17 21:50 -------- d-----w- c:\programdata\Pivot Animator
2013-10-17 21:50 . 2013-10-17 21:50 -------- d-----w- c:\program files (x86)\Pivot Animator
2013-10-17 04:30 . 2013-10-17 04:30 -------- d-----w- c:\programdata\Oracle
2013-10-17 04:29 . 2013-10-17 04:29 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-17 04:29 . 2013-10-08 05:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-15 23:51 . 2013-10-15 23:51 -------- d-----w- c:\program files (x86)\Overwolf
2013-10-15 23:51 . 2013-10-15 23:51 -------- d-----w- c:\program files (x86)\Common Files\Overwolf
2013-10-15 14:54 . 2013-10-15 14:54 589600 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-10-15 00:01 . 2013-10-15 00:01 -------- d-----w- c:\programdata\TorchCrashHandler
2013-10-11 01:48 . 2013-06-16 12:38 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2013-10-11 01:48 . 2013-06-16 12:38 196384 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-10-11 01:48 . 2013-09-12 08:58 1884448 ----a-w- c:\windows\system32\nvdispco6432723.dll
2013-10-11 01:48 . 2013-09-12 08:58 1511712 ----a-w- c:\windows\system32\nvdispgenco6432723.dll
2013-10-11 01:43 . 2013-08-20 13:33 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-10-11 01:43 . 2013-08-20 13:32 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-10-10 05:58 . 2013-10-10 05:58 -------- d-----w- c:\users\PGS.SpawN-Living\AppData\Local\Facebook
2013-10-09 20:40 . 2013-09-23 01:25 775256 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2013-10-09 18:56 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-10-08 22:56 . 2013-10-08 22:56 -------- d-----w- c:\windows\SysWow64\Hotspot Shield
2013-10-08 22:25 . 2013-10-23 04:31 -------- d-----w- c:\program files (x86)\Hotspot Shield
2013-10-07 14:41 . 2004-02-22 22:00 119808 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
2013-10-07 14:41 . 2000-06-12 22:00 415504 ----a-w- c:\windows\SysWow64\MSREPL35.DLL
2013-10-07 14:41 . 1998-06-17 22:00 89360 ----a-w- c:\windows\SysWow64\VB5DB.DLL
2013-10-07 14:41 . 1998-04-23 22:00 252176 ----a-w- c:\windows\SysWow64\MSRD2X35.DLL
2013-10-07 14:41 . 1998-04-23 22:00 24848 ----a-w- c:\windows\SysWow64\MSJTER35.DLL
2013-10-07 14:41 . 1998-04-23 22:00 123664 ----a-w- c:\windows\SysWow64\MSJINT35.DLL
2013-10-07 14:41 . 2013-10-07 14:41 -------- d-----w- c:\program files (x86)\FreeFolderHider
2013-10-07 14:41 . 2004-03-08 22:00 440352 ----a-w- c:\windows\SysWow64\MSHFLXGD.OCX
2013-10-07 14:41 . 2004-03-08 22:00 152848 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2013-10-07 14:41 . 2000-06-12 22:00 1046288 ----a-w- c:\windows\SysWow64\MSJET35.DLL
2013-10-07 14:41 . 1998-04-26 22:00 570128 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\DAO\DAO350.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-16 00:48 . 2013-07-15 20:14 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-10-16 00:48 . 2013-07-15 20:14 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-10-16 00:48 . 2013-07-15 20:14 3067560 ----a-w- c:\windows\system32\nvapi64.dll
2013-10-16 00:48 . 2013-07-15 20:14 2694664 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-10-16 00:48 . 2013-07-15 20:14 15244272 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-10-16 00:48 . 2013-07-15 20:14 1435504 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-10-15 21:47 . 2013-07-15 20:14 6665504 ----a-w- c:\windows\system32\nvcpl.dll
2013-10-15 21:47 . 2013-07-15 20:14 3489568 ----a-w- c:\windows\system32\nvsvc64.dll
2013-10-15 21:47 . 2013-07-15 20:14 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-10-15 21:47 . 2013-07-15 20:14 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-10-15 21:47 . 2013-07-15 20:14 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-10-12 13:26 . 2013-07-16 01:44 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-12 13:26 . 2013-07-16 01:44 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-09 20:34 . 2013-07-16 01:47 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-08 19:14 . 2013-07-15 20:14 3398914 ----a-w- c:\windows\system32\nvcoproc.bin
2013-09-17 20:33 . 2013-09-17 20:33 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-09-13 02:23 . 2013-09-13 02:23 2103040 ----a-w- c:\windows\system32\WavesGUILib64.dll
2013-09-13 02:23 . 2013-09-13 02:23 613448 ----a-w- c:\windows\system32\RtDataProc64.dll
2013-09-13 02:23 . 2013-09-13 02:23 3693640 ----a-w- c:\windows\system32\RtkAPO64.dll
2013-09-13 02:23 . 2013-09-13 02:23 3425608 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2013-09-13 02:23 . 2013-09-13 02:23 2794056 ----a-w- c:\windows\system32\RtPgEx64.dll
2013-09-13 02:23 . 2013-09-13 02:23 1662024 ----a-w- c:\windows\system32\RTSnMg64.cpl
2013-09-13 02:23 . 2013-09-13 02:23 142408 ----a-w- c:\windows\system32\RCoInstII64.dll
2013-09-13 02:23 . 2013-09-13 02:23 1284680 ----a-w- c:\windows\system32\RTCOM64.dll
2013-09-13 02:23 . 2013-09-13 02:23 1003592 ----a-w- c:\windows\system32\RtkApi64.dll
2013-09-13 02:23 . 2013-09-13 02:23 920320 ----a-w- c:\windows\system32\MaxxAudioAPOShell64.dll
2013-09-13 02:23 . 2013-09-13 02:23 2735648 ----a-w- c:\windows\system32\FMAPO64.dll
2013-09-13 02:23 . 2013-09-13 02:23 208072 ----a-w- c:\windows\system32\AERTAC64.dll
2013-09-13 02:23 . 2013-09-13 02:23 2032896 ----a-w- c:\windows\system32\MaxxAudioEQ64.dll
2013-09-13 02:23 . 2013-09-13 02:23 110592 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-09-13 02:23 . 2013-09-13 02:23 872152 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-09-13 02:23 . 2013-09-13 02:23 74456 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-09-13 02:23 . 2013-07-15 19:44 108760 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-09-03 12:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-09 18:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-28 02:31 . 2013-08-28 02:29 59009289 ----a-w- C:\sleeping-dogs-full_game-1.4.zip
2013-08-20 13:32 . 2013-08-25 07:32 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-08-18 00:11 . 2013-08-18 00:11 229984 ----a-w- c:\windows\system32\drivers\05837735.sys
2013-08-10 22:12 . 2013-08-10 22:12 181064 ----a-w- c:\windows\PSEXESVC.EXE
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare Ultimate"="c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" [2012-11-07 512384]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"Facebook Update"="c:\users\PGS.SpawN-Living\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-10-10 138096]
"Overwolf"="c:\program files (x86)\Overwolf\Overwolf.exe" [2013-08-22 35256]
"f.lux"="c:\users\PGS.SpawN-Living\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
"Microsoft Update"="c:\users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe" [2005-05-25 2097152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"MSIAfterburner"="c:\program files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe" [2013-01-23 44088]
"Windows Update"="c:\users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe" [2005-05-25 2097152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Policies"="c:\users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe" [2005-05-25 2097152]
.
[HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Policies"="c:\users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe" [2005-05-25 2097152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 EagleX64;EagleX64; [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TorchCrashHandler;Torch Crash Handler;c:\users\PGS.SpawN-Living\AppData\Local\Torch\Update\TorchCrashHandler.exe;c:\users\PGS.SpawN-Living\AppData\Local\Torch\Update\TorchCrashHandler.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe;c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe [x]
S2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe;c:\program files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys;c:\windows\SYSNATIVE\DRIVERS\nvoclk64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{683TY3FF-NB36-PP53-071W-A58HE82745K1}]
2005-05-25 18:03 2097152 --sha-r- c:\users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-17 20:12 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-16 13:26]
.
2013-09-13 c:\windows\Tasks\Driver Booster Scan.job
- c:\program files (x86)\IObit\Driver Booster\Scheduler.exe [2013-09-13 15:07]
.
2013-09-13 c:\windows\Tasks\Driver Booster Startup.job
- c:\program files (x86)\IObit\Driver Booster\DriverBooster.exe [2013-09-13 10:37]
.
2013-09-13 c:\windows\Tasks\Driver Booster Update.job
- c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-09-13 15:07]
.
2013-10-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4081597074-3522831173-4239480139-1000Core.job
- c:\users\PGS.SpawN-Living\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-10 05:58]
.
2013-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-15 19:57]
.
2013-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-15 19:57]
.
2013-09-30 c:\windows\Tasks\MSIAfterburner.job
- c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe [2013-01-23 06:12]
.
2013-11-03 c:\windows\Tasks\update-S-1-5-21-4081597074-3522831173-4239480139-1000.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2013-07-15 11:37]
.
2013-11-03 c:\windows\Tasks\update-sys.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2013-07-15 11:37]
.
2013-08-23 c:\windows\Tasks\{6244A4AC-DBAB-43DB-A00E-827AA49D13BA}.job
- c:\users\pgs.spawn-living\appdata\local\torch\application\torch.exe [2013-08-22 16:44]
.
2013-08-23 c:\windows\Tasks\{7C7BC222-D07A-40F0-8044-453A26DF5FA6}.job
- c:\users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe [2013-08-22 16:44]
.
2013-08-23 c:\windows\Tasks\{8DB170A2-6FED-4CE8-81F1-88A85522D6D5}.job
- c:\users\pgs.spawn-living\appdata\local\torch\application\torch.exe [2013-08-22 16:44]
.
2013-08-23 c:\windows\Tasks\{AF8C6B23-FB74-4980-890F-C7DDE431ACAD}.job
- c:\users\pgs.spawn-living\appdata\local\torch\application\torch.exe [2013-08-22 16:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-09-13 13538376]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
.
------- Supplementary Scan -------
.
uStart Page = [Link visible only to logged-in users]
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 89.216.1.30 89.216.1.50
FF - ProfilePath - c:\users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\oks86jg0.default\
FF - ExtSQL: 2013-10-23 06:40; [Link visible only to logged-in users]; c:\program files (x86)\Mozilla Firefox\browser\extensions\afext@anchorfree.com
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
SharedTaskScheduler-{F791A188-699D-4FD4-955A-EB59E89B1907} - (no file)
AddRemove-WinPcapInst - c:\program files (x86)\WinPcap\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Skype\Phone\Skype.exe
.
**************************************************************************
.
Completion time: 2013-11-03 05:24:12 - machine was rebooted
ComboFix-quarantined-files.txt 2013-11-03 04:24
ComboFix2.txt 2013-10-12 13:03
.
Pre-Run: 22,647,939,072 bytes free
Post-Run: 22,450,864,128 bytes free
.
- - End Of File - - EC5FAE0494FED270B54E46951254A51D
A36C5E4F47E84449FF07ED3517B43A31
Zoek.exe Version 4.0.0.5 Updated 05-November-2013
Tool run by PGS.SpawN-Living on Tue 11/05/2013 at 22:11:39.61.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PGS~1.SPA\AppData\Local\Temp\Rar$DIa0.783\zoek.com [Script inserted]
==== System Restore Info ======================
11/5/2013 10:12:29 PM Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
Added to C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\oks86jg0.default\prefs.js:
Added to C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\oks86jg0.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user.js not found
---- FireFox user.js and prefs.js backups ----
ProfilePath: C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\oks86jg0.default
user.js not found
---- Lines [Link visible only to logged-in users] modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"afext@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mo
---- FireFox user.js and prefs.js backups ----
prefs_20131105_1019_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Update"=-
[HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Policies"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Policies"=-
==== Batch Command(s) Run By Tool======================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
==== Deleting Files \ Folders ======================
C:\ProgramData\InstallMate deleted
C:\PROGRA~2\Ss-Helper deleted
C:\found.000 deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted
C:\ProgramData\mfc7sys.txt deleted
C:\ProgramData\Package Cache deleted
C:\ProgramData\WinterSoft deleted
C:\Users\PGS.SpawN-Living\AppData\Local\CRE deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Users\PGS.SpawN-Living\Downloads\Colasoft Capsa Enterprise Edition v6.9.exe deleted
"C:\Users\PGS.SpawN-Living\Downloads\TorchSetup-r69-n-bc.exe" deleted
"C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe" deleted
"C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe" deleted
"C:\Users\PGS.SpawN-Living\AppData\Roaming\Godlike\ultimatewt" deleted
"C:\Users\PGS.SpawN-Living\AppData\Local\Torch\log.log" deleted
"C:\Users\PGS.SpawN-Living\AppData\Roaming\driver" deleted
"C:\Users\PGS.SpawN-Living\AppData\Roaming\Godlike" deleted
"C:\Users\PGS.SpawN-Living\AppData\Local\Torch" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2013-10-20 21:25:33 D422839C99927DB561F5C019643EACEC 73216 ----a-w- C:\Windows\ST6UNST.EXE
2013-10-20 21:25:33 B9917FC4C836776765E311FFF84DD534 249856 ------w- C:\Windows\Setup1.exe
2013-10-20 20:14:29 7518933775C4E880CA2CDF4A49038C66 149301 ----a-w- C:\Windows\Pinger Uninstaller.exe
2013-10-12 12:51:04 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2013-10-12 12:51:04 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2013-10-12 12:51:04 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2013-10-12 12:51:04 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2013-10-12 12:51:04 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
====== C:\Users\PGS~1.SPA\AppData\Local\Temp ====
2013-11-05 10:49:50 7FC4723BB0A4118E5F91047021D1AACD 6656 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\nsnF0A6.tmp\nsArray.dll
2013-11-05 10:49:01 A88BAAD3461D2E9928A15753B1D93FD7 13312 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\nsnF0A6.tmp\UAC.dll
2013-11-05 10:48:59 959EA64598B9A3E494C00E8FA793BE7E 11264 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\nsnF0A6.tmp\System.dll
2013-11-05 10:48:59 2B7007ED0262CA02EF69D8990815CBEB 25088 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\nsnF0A6.tmp\registry.dll
2013-11-04 10:54:54 27365F798896FA8297D82015D5B891A4 1892360 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\nsnF0A6.tmp\Helper.dll
2013-11-04 04:10:11 57E626878D667E65127D1725279B0965 12384 ----atw- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\{074F1452-3041-4069-A282-7863DCAC36A4}\x86\regsvr32.exe
2013-11-04 04:10:11 157FE300857E06020BCB38A04D5B3B75 12896 ----atw- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\{074F1452-3041-4069-A282-7863DCAC36A4}\x64\regsvr32.exe
2013-11-04 04:09:24 71F784969D24240764D5E5D752D55A41 1722581 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\{074F1452-3041-4069-A282-7863DCAC36A4}\Addons\EzDownloader_setup.exe
2013-11-03 12:06:02 1D70BE6C8303EB57079B005BA6B399AD 139672 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\swt-win32-3349.dll
2013-11-03 11:26:38 4C6C24FF4BB842D35B1A14C909D9D091 10588160 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\SkypeToolbars.msi
2013-11-03 11:26:09 BA280290C69BD3334600DB37B9E3201A 24952832 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\Skype.msi
====== Java Cache =====
2013-10-09 03:31:41 FE668AB14C48D29EE1DD3729833BD9DF 17197 ----a-w- C:\Users\PGS.SpawN-Living\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\59e2388c-4a98ef5b
2013-10-26 06:49:26 CAEF9A7AAA3C659EEB5DA441C88CCB27 84 ----a-w- C:\Users\PGS.SpawN-Living\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\624f270d-6.0.lap
2013-10-26 06:49:27 4CF2CBFA99CD797C4C73C62CBF539CBE 17298 ----a-w- C:\Users\PGS.SpawN-Living\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\3b423990-4c0b40bc
====== C:\Windows\SysWOW64 =====
2013-11-05 10:49:48 CFF867572B44212B01B711C1FA009537 101888 ----a-w- C:\Windows\SysWOW64\VB6STKIT.DLL
2013-11-03 12:07:44 D95EAABF5D277EF91D9CA70151209E56 68616 ----a-w- C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-11-03 12:07:44 50F4A0D5E6A0BAFEFA78F353533B8E06 509448 ----a-w- C:\Windows\SysWOW64\XAudio2_2.dll
2013-11-03 12:07:43 E6C2F1D8B667DDC04CB55B9F0159EF97 467984 ----a-w- C:\Windows\SysWOW64\d3dx10_39.dll
2013-11-03 12:07:43 C4F1972497FE2CEB7D900938C97FCF91 1493528 ----a-w- C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-11-03 12:07:40 8CB3DEFB8887C4F0846DB1FC1304D6D2 3851784 ----a-w- C:\Windows\SysWOW64\D3DX9_39.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-11-05 21:16:07 5E75CA03513BF7563F9A6AFCBDC47AC2 49872 ----a-w- C:\Windows\Sysnative\drivers\xvestfow.sys
2013-10-23 04:31:39 2772E9DE532F860F9FED746896A316BE 44744 ----a-w- C:\Windows\Sysnative\drivers\hssdrv6.sys
2013-10-22 00:41:14 5A81DCCDA60D41BAC26C00B650D8769D 12537632 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys
2013-10-11 01:48:05 554964B900AE2954B8B589B6287034AC 196384 ----a-w- C:\Windows\Sysnative\drivers\nvhda64v.sys
2013-10-11 01:43:16 220B120EF4C36B4A3E23FAEC91E2FCE3 39200 ----a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys
2013-10-09 18:56:48 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2013-10-09 18:56:44 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys
2013-10-09 18:56:44 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys
2013-10-09 18:56:44 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys
2013-10-09 18:56:43 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
2013-10-09 18:56:38 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2013-10-09 18:56:37 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2013-10-09 18:56:33 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
2013-10-09 18:56:32 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2013-10-09 18:56:32 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2013-10-09 18:56:32 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2013-10-09 18:56:32 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
2013-10-09 18:56:32 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2013-10-09 18:56:32 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2013-10-09 18:56:32 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
====== C:\Windows\Tasks ======
2013-11-04 06:38:59 5ECF011322965E95ECC3A4AC06569C46 972 ----a-w- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4081597074-3522831173-4239480139-1000UA.job
2013-11-04 06:38:59 5436BB31BCA12BD8B21A756D907A71CE 3970 ----a-w- C:\Windows\Sysnative\Tasks\FacebookUpdateTaskUserS-1-5-21-4081597074-3522831173-4239480139-1000UA
2013-11-04 06:38:59 476689F54FCD7063D0713EF0321F45BD 3602 ----a-w- C:\Windows\Sysnative\Tasks\FacebookUpdateTaskUserS-1-5-21-4081597074-3522831173-4239480139-1000Core
2013-10-23 00:18:09 817869C36F8745184DD4577AA97F398B 3266 ----a-w- C:\Windows\Sysnative\Tasks\{39BAAB48-B6E6-4AED-9E69-42A22AAF5E66}
2013-10-17 04:30:44 EBB46F1FD70D5ADE51ED702342DB344E 3198 ----a-w- C:\Windows\Sysnative\Tasks\{F9D17E07-BA91-4511-98A0-5A4C736E28F6}
2013-10-10 05:58:13 D3661387DBD9508D22F3D1509976331B 950 ----a-w- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4081597074-3522831173-4239480139-1000Core.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-10-26 00:06:19 -------- d-----w- C:\Program Files\CPUID
======= C:\PROGRA~2 =====
2013-11-04 00:09:47 -------- d-----r- C:\PROGRA~2\Skype
2013-11-03 12:06:06 -------- d-----w- C:\PROGRA~2\Pando Networks
2013-10-31 03:09:13 -------- d-----w- C:\PROGRA~2\Dev-Cpp
2013-10-22 03:25:21 -------- d-----w- C:\PROGRA~2\Notepad++
2013-10-20 21:25:49 -------- d-----w- C:\PROGRA~2\Flood Ping Break Point Tester
2013-10-20 20:22:48 -------- d-----w- C:\PROGRA~2\Net Tools
2013-10-20 20:14:27 -------- d-----w- C:\PROGRA~2\Pinger
2013-10-19 23:01:05 -------- d-----w- C:\PROGRA~2\Intelore
2013-10-17 21:50:28 -------- d-----w- C:\PROGRA~2\Pivot Animator
2013-10-17 04:29:57 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2013-10-15 23:51:02 -------- d-----w- C:\PROGRA~2\Overwolf
2013-10-15 23:51:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Overwolf
======= C: =====
2013-10-20 20:51:16 CA9A910086226C6D9DBAAC7193A53E94 44 ----a-w- C:\how to.txt
2013-10-20 20:50:44 911CF9B414EB01ECA4BC688D48CF73D7 1657213 ----a-w- C:\csdos.exe
====== C:\Users\PGS.SpawN-Living\AppData\Roaming ======
2013-11-05 10:49:45 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2013-11-04 00:18:08 9A30D8D57E754EE95330770E5B69812E 58016 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-03 13:11:11 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\LolClient
2013-11-03 12:06:11 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\PMB Files
2013-11-03 12:03:54 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Riot Games
2013-11-03 04:24:14 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp
2013-11-03 04:24:14 -------- d-----w- C:\Users\Public\AppData\Local\temp
2013-11-03 04:24:14 -------- d-----w- C:\Users\PGS~1~SPA\AppData\Local\temp
2013-11-03 04:24:14 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-11-03 04:24:14 -------- d-----w- C:\Users\Default User\AppData\Local\temp
2013-11-01 04:40:04 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Locallow\Adobe
2013-11-01 04:35:14 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft Games
2013-11-01 02:22:56 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2013-11-01 02:22:54 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\FluxSoftware
2013-10-31 03:10:45 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Dev-Cpp
2013-10-22 03:25:26 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Notepad++
2013-10-22 03:25:22 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-10-22 00:05:54 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\ActiveState
2013-10-20 20:14:28 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pinger
2013-10-19 23:01:05 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2013-10-18 02:19:10 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Game Updater
2013-10-15 23:51:08 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2013-10-12 23:03:38 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google
2013-10-12 00:41:27 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Locallow\Google
2013-10-10 05:58:12 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Facebook
====== C:\Users\PGS.SpawN-Living ======
2013-11-05 09:56:44 C44950FC9C00467F40D343F7C9C369B8 1038584 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\rkill64.exe
2013-11-05 09:56:31 F57BA27E40729955300DEE872646BDEB 1898232 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\rkill.exe
2013-11-05 09:55:59 A9220115BF8D64017F66887732304B24 1073258 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\AdwCleaner.exe
2013-11-05 03:19:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pocket Tanks Deluxe
2013-11-05 01:49:38 -------- d-----w- C:\ProgramData\.mono
2013-11-04 06:38:50 FEE1D58C6AD73F25EB0DAD4F690560AD 501248 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2013-11-04 00:09:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2013-11-03 12:07:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2013-11-03 12:06:09 -------- d-----w- C:\ProgramData\PMB Files
2013-11-03 12:03:05 8199BD9C3722ADA764AE1DE2B060A1F2 34249488 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\LeagueofLegends_EUNE_Installer_06_17_13.exe
2013-11-03 11:25:43 6EED24ABAB6E8DD750450B25ADFC1049 1550496 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\SkypeSetup.exe
2013-11-02 10:57:34 178B39E297BA32FD49251AEE7A323CEC 14527 ----a-w- C:\Users\PGS.SpawN-Living\Desktop\NFSW_PursuitBot v1594.exe
2013-10-31 03:10:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2013-10-30 01:48:56 -------- d-----w- C:\ProgramData\Overwolf
2013-10-27 08:05:50 -------- d-----w- C:\ProgramData\3DMGAME
2013-10-23 04:23:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3
2013-10-22 03:25:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-10-21 22:56:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.16.3 Build 1603 (64-bit)
2013-10-20 21:25:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flood Ping Break Point Tester
2013-10-19 23:01:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2013-10-18 22:46:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Juarez Gunslinger
2013-10-17 21:50:40 -------- d-----w- C:\ProgramData\Pivot Animator
2013-10-17 21:50:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator
2013-10-17 04:30:07 -------- d-----w- C:\ProgramData\Oracle
2013-10-17 04:29:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2013-10-12 00:41:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-10-09 05:45:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BioShock Infinite
====== C: exe-files ==
2013-11-05 09:56:44 C44950FC9C00467F40D343F7C9C369B8 1038584 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\rkill64.exe
2013-11-05 09:56:31 F57BA27E40729955300DEE872646BDEB 1898232 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\rkill.exe
2013-11-05 09:55:59 A9220115BF8D64017F66887732304B24 1073258 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\AdwCleaner.exe
2013-11-05 03:18:20 F6F411A1A6C78E54AA6F675E92A8EF3B 31538348 ----a-w- C:\Users\PGS.SpawN-Living\Documents\Downloads\ptd16.295.exe
2013-11-04 06:38:50 FEE1D58C6AD73F25EB0DAD4F690560AD 501248 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2013-11-04 04:10:11 57E626878D667E65127D1725279B0965 12384 ----atw- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\{074F1452-3041-4069-A282-7863DCAC36A4}\x86\regsvr32.exe
2013-11-04 04:10:11 157FE300857E06020BCB38A04D5B3B75 12896 ----atw- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\{074F1452-3041-4069-A282-7863DCAC36A4}\x64\regsvr32.exe
2013-11-04 04:10:06 440A9319E8AB0143018A5309F3A967E7 1395864 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HDAQB7G9\g5sAa[1].exe
2013-11-04 04:10:05 102A308197D8FF05CE2B775CF4BFF0C7 1538892 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APYYNZ4P\search_defender_alternate_166[1].exe
2013-11-04 04:10:04 E6B6EC9F87625FFF983C241E8106D620 729600 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APYYNZ4P\agent2[1].exe
2013-11-04 04:09:52 903C06F02D542E7DFE137E8FB2E86E59 1504931 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HDAQB7G9\psupport_install[1].exe
2013-11-04 04:09:49 FE6A4196DB838E7C829F0D0DE21A0E59 1395352 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APYYNZ4P\Yaifh[1].exe
2013-11-04 04:09:45 EE237650587E89147E22AD095D20A2B3 1395544 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HDAQB7G9\WSo[1].exe
2013-11-04 04:09:27 7329813B9C35CE03385BD76CE62440A9 1395672 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APYYNZ4P\JQPPA2dQxM[1].exe
2013-11-04 04:09:24 71F784969D24240764D5E5D752D55A41 1722581 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp\{074F1452-3041-4069-A282-7863DCAC36A4}\Addons\EzDownloader_setup.exe
2013-11-04 04:09:24 71F784969D24240764D5E5D752D55A41 1722581 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F510O85A\ezdownloader[1].exe
2013-11-03 12:06:06 C22AEED3FFA5E4BD289175531B8C5C3E 3089488 ----a-w- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2013-11-03 12:06:06 4BDCAA2E278F9171EA4357F5DA582B90 277696 ----a-w- C:\Program Files (x86)\Pando Networks\Media Booster\BsSndRpt.exe
2013-11-03 12:06:06 3299CF9F952485991C7968BEBE7018F1 300528 ----a-w- C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
2013-11-03 12:03:05 8199BD9C3722ADA764AE1DE2B060A1F2 34249488 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\LeagueofLegends_EUNE_Installer_06_17_13.exe
2013-11-03 11:25:43 6EED24ABAB6E8DD750450B25ADFC1049 1550496 ----a-w- C:\Users\PGS.SpawN-Living\Downloads\SkypeSetup.exe
2013-11-02 10:57:34 178B39E297BA32FD49251AEE7A323CEC 14527 ----a-w- C:\Users\PGS.SpawN-Living\Desktop\NFSW_PursuitBot v1594.exe
2013-11-02 06:39:41 FBB04FDD1B742B1FDBE7CEFEE0C56D24 506528 ----a-w- C:\Program Files (x86)\TeamViewer\Version8\uninstall.exe
2013-11-02 06:39:41 F67C21CC4195F6AFC447418FE163E156 5087584 ----a-w- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
2013-11-02 06:39:41 E623B98CC2F6275C027CCBDF13749A77 195936 ----a-w- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
2013-11-02 06:39:41 0396FE5D35238C7424B3F913FD6832BF 232800 ----a-w- C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
2013-11-02 06:39:40 AB055E4E8A49E06469B137C93C8E11C6 12631904 ----a-w- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
2013-11-02 06:39:40 A09E329D8351719A5B17080304DF3C6D 4536672 ----a-w- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Desktop.exe
2013-11-01 02:22:56 39E63A67198F694BC4EE7CFFE3EB8958 53995 ----a-w- C:\Users\PGS.SpawN-Living\AppData\Local\FluxSoftware\Flux\uninstall.exe
2013-10-31 03:09:13 11673D32A0A3AA1365D0795EE9210528 70772 ----a-w- C:\Program Files (x86)\Dev-Cpp\uninstall.exe
2013-10-29 23:00:16 01D25FF3FE6A11BF3B5F445BECDE7545 3253760 ----a-w- C:\Program Files (x86)\Dev-Cpp\devcpp.exe
=== C: other files ==
2013-11-05 21:16:07 5E75CA03513BF7563F9A6AFCBDC47AC2 49872 ----a-w- C:\Windows\System32\drivers\xvestfow.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-4081597074-3522831173-4239480139-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe /AutoStart"
"Microsoft Update"="C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe "
[HKEY_USERS\S-1-5-21-4081597074-3522831173-4239480139-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-4081597074-3522831173-4239480139-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSIAfterburner"="C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe /s"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Windows Update"="C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe "
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe /AutoStart"
"Microsoft Update"="C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"="C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe "
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"="C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe "
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"="C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe "
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\f.lux]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="f.lux"
"hkey"="HKCU"
"command"="\"C:\\Users\\PGS.SpawN-Living\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe\" /noshow"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\PGS.SpawN-Living\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KPeerNexonEU]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KPeerNexonEU"
"hkey"="HKCU"
"command"="C:\\Nexon\\NEXON_EU_Downloader\\nxEULauncher.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightShot]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LightShot"
"hkey"="HKCU"
"command"="C:\\Users\\PGS.SpawN-Living\\AppData\\Local\\Skillbrains\\lightshot\\LightShot.exe Flags: uninsdeletevalue"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Microsoft Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Microsoft Update"
"hkey"="HKCU"
"command"="C:\\Users\\PGS.SpawN-Living\\AppData\\Roaming\\driver\\svchost.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSIAfterburner]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MSIAfterburner"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\MSI Afterburner\\MSIAfterburnerWrapper.exe\" /s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nvtmru]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Nvtmru"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\NVIDIA Update Core\\nvtmru.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Overwolf]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Overwolf"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Overwolf\\Overwolf.exe -silent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\rfagent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="rfagent"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\RFA 9\\rfagent64.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RGSC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RGSC"
"hkey"="HKCU"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Update]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Windows Update"
"hkey"="HKLM"
"command"="C:\\Users\\PGS.SpawN-Living\\AppData\\Roaming\\driver\\svchost.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\[eMo]Web Browser Optimizer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="[eMo]Web Browser Optimizer"
"hkey"="HKCU"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\eventlog]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Futuremark SystemInfo Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\hshld]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HssTrayService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HssWd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) Capability Licensing Service Interface]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) Capability Licensing Service TCP IP Interface]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\jhi_service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TabletInputService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TapiSrv]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer8]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TorchCrashHandler]
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\Driver Booster Scan.job --a------ C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [08/02/2013 04:07 PM]
C:\Windows\tasks\Driver Booster Startup.job --a------ [Undetermined Task]
C:\Windows\tasks\Driver Booster Update.job --a------ C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [08/02/2013 04:07 PM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4081597074-3522831173-4239480139-1000Core.job --a------ C:\Users\PGS.SpawN-Living\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/04/2013 08:22 AM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4081597074-3522831173-4239480139-1000UA.job --a------ C:\Users\PGS.SpawN-Living\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/04/2013 08:22 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/15/2013 08:57 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/15/2013 08:57 PM]
C:\Windows\tasks\MSIAfterburner.job --a------ C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [01/23/2013 07:12 AM]
C:\Windows\tasks\update-S-1-5-21-4081597074-3522831173-4239480139-1000.job --a------ C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [09/27/2013 12:37 PM]
C:\Windows\tasks\update-sys.job --a------ C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [09/27/2013 12:37 PM]
C:\Windows\tasks\{6244A4AC-DBAB-43DB-A00E-827AA49D13BA}.job --a------ C:\users\pgs.spawn-living\appdata\local\torch\application\torch.exe []
C:\Windows\tasks\{7C7BC222-D07A-40F0-8044-453A26DF5FA6}.job --a------ C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe []
C:\Windows\tasks\{8DB170A2-6FED-4CE8-81F1-88A85522D6D5}.job --a------ C:\users\pgs.spawn-living\appdata\local\torch\application\torch.exe []
C:\Windows\tasks\{AF8C6B23-FB74-4980-890F-C7DDE431ACAD}.job --a------ C:\users\pgs.spawn-living\appdata\local\torch\application\torch.exe []
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASC6_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-4081597074-3522831173-4239480139-1000Core" [C:\Users\PGS.SpawN-Living\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-4081597074-3522831173-4239480139-1000UA" [C:\Users\PGS.SpawN-Living\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\Game_Booster_AutoUpdate" [C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\update-S-1-5-21-4081597074-3522831173-4239480139-1000" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe]
"C:\Windows\SysNative\tasks\update-sys" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe]
==== Firefox Extensions ======================
ExtDir: C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Hotspot Shield Extension - %AppDir%\browser\extensions\afext@anchorfree.com
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\oks86jg0.default
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
99E2145307150EB8AB78F4F888F97DBE - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll - Nexon Game Controller
AE7B288233C212C62CD544BF768C45E6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll - Shockwave for Director / Shockwave for Director
341B3AE026B143DBC17BA1E1E0BAE3D6 - C:\Users\PGS.SpawN-Living\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\PGS.SpawN-Living\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
==== Deleted Firefox Extensions ======================
C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\BrowerProtect\ASC_GhromePlugin.crx[09/05/2012 05:55 PM]
Google Docs - PGS.SpawN-Living - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - PGS.SpawN-Living - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
SocialReviver - PGS.SpawN-Living - Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
YouTube - PGS.SpawN-Living - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - PGS.SpawN-Living - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
TLRemove - PGS.SpawN-Living - Default\Extensions\hneieddeibpcngeljjkdpcajfcgelalk
Advanced SystemCare Surfing Protection - PGS.SpawN-Living - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Google Wallet - PGS.SpawN-Living - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - PGS.SpawN-Living - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2537D561-86AD-30F6-175D-48B9A0F0D8FB} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\PGS.SpawN-Living\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\PGS~1.SPA\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on Tue 11/05/2013 at 22:38:28.11 ======================
Addendum: 06 Nov 2013 7:33
The virus is still showing up for me :S
Posted: 07 Nov 2013 05:46
- Joined: 28 Feb 2012
- Posts: 146
- Location: beograd
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2
Run by PGS.SpawN-Living at 5:44:45 on 2013-11-07
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4060.1963 [GMT 1:00]
.
AV: Advanced SystemCare Ultimate *Enabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Update\TorchCrashHandler.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Skillbrains\lightshot\4.4.1.0\LightShot.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe
C:\Windows\system32\taskhost.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Update\29.0.0.4888\TorchUpdate.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Application\torch.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = [Links are visible only to logged-in users]
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
uRun: [Microsoft Update] C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
uRun: [Facebook Update] "C:\Users\PGS.SpawN-Living\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Viber] "C:\Users\PGS.SpawN-Living\AppData\Local\Viber\Viber.exe"
uRun: [FreeCall] "C:\Program Files (x86)\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
mRun: [MSIAfterburner] "C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe" /s
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Windows Update] C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
uExplorerRun: [Policies] C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
mExplorerRun: [Policies] C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{85C86AF3-970D-497D-ABA2-C1200F1F835F} : DHCPNameServer = 89.216.1.30 89.216.1.50
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {683TY3FF-NB36-PP53-071W-A58HE82745K1} - C:\Users\PGS.SpawN-Living\AppData\Roaming\driver\svchost.exe
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-STS: {F791A188-699D-4FD4-955A-EB59E89B1907} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\PGS.SpawN-Living\AppData\Roaming\Mozilla\Firefox\Profiles\oks86jg0.default\
FF - prefs.js: browser.search.defaulturl - [Links are visible only to logged-in users]
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [Links are visible only to logged-in users]
FF - prefs.js: keyword.URL - [Links are visible only to logged-in users]
FF - plugin: C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll
FF - plugin: C:\Users\PGS.SpawN-Living\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\PGS.SpawN-Living\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-10-23 06:40; [Links are visible only to logged-in users]; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afext@anchorfree.com
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-8-28 17720]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2013-7-15 22128]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-7-16 283064]
R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2013-10-23 44744]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe [2013-7-15 1051088]
R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe [2013-7-15 621008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-25 14997280]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-15 414496]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-11-2 5087584]
R2 TorchCrashHandler;Torch Crash Handler;C:\Users\PGS.SpawN-Living\AppData\Local\Torch\Update\TorchCrashHandler.exe [2013-11-4 1213448]
R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\System32\drivers\nvoclk64.sys [2009-9-15 42088]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-10-11 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-9-13 872152]
R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-9-17 42184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2013-7-25 21712]
S3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2013-10-16 18360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-15 19456]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-7-15 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-15 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-7-15 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2013-9-5 166112]
S4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-7-15 169432]
SUnknown xvestfow;xvestfow; [x]
.
=============== Created Last 30 ================
.
2013-11-07 04:29:39 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\FreeCall
2013-11-07 04:29:37 -------- d-----w- C:\Program Files (x86)\FreeCall.com
2013-11-06 06:14:42 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B2E4946-06EF-41CD-A21A-B861B157A693}\offreg.dll
2013-11-05 21:43:01 -------- d-----w- C:\ProgramData\TorchCrashHandler
2013-11-05 21:42:09 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Torch
2013-11-05 21:38:32 -------- d-sh--w- C:\$RECYCLE.BIN
2013-11-05 21:28:13 24064 ----a-w- C:\Windows\zoek-delete.exe
2013-11-05 21:28:13 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Temp
2013-11-05 21:11:30 -------- d-----w- C:\zoek_backup
2013-11-05 20:14:39 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B2E4946-06EF-41CD-A21A-B861B157A693}\mpengine.dll
2013-11-05 10:49:48 101888 ----a-w- C:\Windows\SysWow64\VB6STKIT.DLL
2013-11-05 01:49:38 -------- d-----w- C:\ProgramData\.mono
2013-11-04 00:09:47 -------- d-----r- C:\Program Files (x86)\Skype
2013-11-03 13:11:11 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\LolClient
2013-11-03 12:07:44 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2013-11-03 12:07:44 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2013-11-03 12:07:43 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2013-11-03 12:07:43 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2013-11-03 12:07:40 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2013-11-03 12:06:11 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\PMB Files
2013-11-03 12:06:09 -------- d-----w- C:\ProgramData\PMB Files
2013-11-03 12:06:06 -------- d-----w- C:\Program Files (x86)\Pando Networks
2013-11-03 12:03:54 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Riot Games
2013-11-01 04:35:14 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Microsoft Games
2013-11-01 02:22:54 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\FluxSoftware
2013-10-31 03:10:45 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Roaming\Dev-Cpp
2013-10-31 03:09:13 -------- d-----w- C:\Program Files (x86)\Dev-Cpp
2013-10-30 01:48:56 -------- d-----w- C:\ProgramData\Overwolf
2013-10-27 08:05:50 -------- d-----w- C:\ProgramData\3DMGAME
2013-10-26 23:53:57 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Macromedia
2013-10-26 00:06:19 -------- d-----w- C:\Program Files\CPUID
2013-10-23 04:31:39 44744 ----a-w- C:\Windows\System32\drivers\hssdrv6.sys
2013-10-22 00:05:54 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\ActiveState
2013-10-21 22:55:37 -------- d-----w- C:\Perl64
2013-10-20 21:25:49 -------- d-----w- C:\Program Files (x86)\Flood Ping Break Point Tester
2013-10-20 21:25:33 73216 ----a-w- C:\Windows\ST6UNST.EXE
2013-10-20 21:25:33 249856 ------w- C:\Windows\Setup1.exe
2013-10-20 21:02:11 499712 ----a-w- C:\Windows\SysWow64\MSVCP71.DLL
2013-10-20 21:02:11 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-10-20 20:56:49 1355776 ----a-w- C:\Windows\System32\msvbvm50.dll
2013-10-20 20:50:44 1657213 ----a-w- C:\csdos.exe
2013-10-20 20:22:50 1009336 ----a-w- C:\Windows\SysWow64\mschrt20.ocx
2013-10-20 20:22:48 -------- d-----w- C:\Program Files (x86)\Net Tools
2013-10-20 20:14:29 149301 ----a-w- C:\Windows\Pinger Uninstaller.exe
2013-10-20 20:14:27 -------- d-----w- C:\Program Files (x86)\Pinger
2013-10-19 23:01:05 -------- d-----w- C:\Program Files (x86)\Intelore
2013-10-18 02:19:10 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Game Updater
2013-10-17 21:50:40 -------- d-----w- C:\ProgramData\Pivot Animator
2013-10-17 21:50:28 -------- d-----w- C:\Program Files (x86)\Pivot Animator
2013-10-17 04:30:07 -------- d-----w- C:\ProgramData\Oracle
2013-10-17 04:29:47 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-15 23:51:02 -------- d-----w- C:\Program Files (x86)\Overwolf
2013-10-15 23:51:02 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2013-10-15 14:54:06 589600 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-10-12 12:51:04 98816 ----a-w- C:\Windows\sed.exe
2013-10-12 12:51:04 256000 ----a-w- C:\Windows\PEV.exe
2013-10-12 12:51:04 208896 ----a-w- C:\Windows\MBR.exe
2013-10-11 01:48:05 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-10-11 01:48:05 196384 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-10-11 01:48:04 1884448 ----a-w- C:\Windows\System32\nvdispco6432723.dll
2013-10-11 01:48:04 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432723.dll
2013-10-11 01:43:16 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-10-11 01:43:16 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-10-10 05:58:12 -------- d-----w- C:\Users\PGS.SpawN-Living\AppData\Local\Facebook
2013-10-09 18:56:51 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-09 09:58:02 4879744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-10-09 09:58:02 4879744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
==================== Find3M ====================
.
2013-10-15 21:47:39 6665504 ----a-w- C:\Windows\System32\nvcpl.dll
2013-10-15 21:47:39 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-10-15 21:47:36 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-10-15 21:47:36 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-10-15 21:47:36 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-10-12 13:26:14 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-12 13:26:14 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-08 19:14:15 3398914 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-17 20:33:40 42184 ----a-w- C:\Windows\System32\drivers\taphss6.sys
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-09-03 12:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-08-20 13:32:58 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-08-18 00:11:46 229984 ----a-w- C:\Windows\System32\drivers\05837735.sys
.
============= FINISH: 5:45:11.61 ===============
[Link visible only to logged-in users]