
PC virus removal, computer speed-up, and remote help via the neslape.cz service
URL: mal
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote-help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
When I start Google Chrome, Avast starts yelling that it has blocked a dangerous threat; please check this.
Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2014-10-15 15:54:22
Microsoft Windows 7 Ultimate
System drive C: has 164 GB (55%) free of 300 GB
Total RAM: 3171 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:54:28, on 15.10.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\PC\AppData\Roaming\ACEStream\updater\ace_update.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\PC\Downloads\RSIT.exe
C:\Program Files\trend micro\PC.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [AceStream] C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.ex
- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: URL: mal
Hello!
Is your operating system a legal copy?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can also damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: URL: mal
It is a normal, legal operating system.
- Rudy
- Site Admin
Re: URL: mal
OK. Let's try this procedure:
Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "For all users", "LOP malware check" and "PURITY malware check", copy the text below into the lower white box, and click >Scan<. Post both logs.
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
Re: URL: mal
OTL Extras logfile created on: 17.10.2014 16:33:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,10 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 54,20% Memory free
6,19 Gb Paging File | 4,62 Gb Available in Paging File | 74,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,87 Gb Total Space | 159,53 Gb Free Space | 54,47% Space Free | Partition Type: NTFS
Drive D: | 172,79 Gb Total Space | 172,69 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2188649957-782960909-1793299179-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7072A666-4AD2-4D64-AA32-A130338FECD3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{AA66EF54-7DA3-4588-9821-28306600CF9C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{34B9C0A7-E273-489D-88F7-2733F6C7F1D8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{36BC7D83-B890-44F2-BECA-574874389283}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{3A3317D3-619D-4281-B4FF-2C7958ABC069}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{3B63A186-2319-43F0-8F8A-5B9714EF5EE8}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{45510465-059D-4EA7-858F-321A48904825}" = protocol=6 | dir=in | app=c:\users\pc\appdata\roaming\acestream\engine\ace_engine.exe |
"{45CD0171-AFB6-401C-99B0-F810A4E32F27}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"{82406803-6074-4407-9EE4-F2E558F6272B}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{89E78608-06AD-433F-8EBB-D3986FA3D44B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{95961EE4-DDD6-4421-85AD-0963BD176F00}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{9C9A0FF7-969D-47C6-909A-1261E6AB78FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A9377C67-EDD2-46F0-A1FF-018BAFE88F06}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AB3683FC-4600-4004-9A04-CF8BDE6F53B0}" = protocol=17 | dir=in | app=c:\users\pc\appdata\roaming\acestream\engine\ace_engine.exe |
"{B2AA3D6F-97A1-4D36-AF5E-5F9D04C01451}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CE6297E8-B6F2-45E0-AE35-744DA0D518B8}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{F7CD3E38-F123-4F42-8EF7-289E2F945491}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"{F9E37B56-186A-4C7A-99A2-C87295BBC2D6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{44AD448D-27F3-44E7-A553-224B079F559C}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{48FFAB5E-486D-4171-AFF0-41686133ECC8}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{98F32E2A-65AF-4B89-96DE-1411F0B861BA}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{A5257E51-1B82-479F-872C-DE6E0C9867B4}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F03217065FF}" = Java 7 Update 65
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53C63F43-B827-42D9-8886-4698D91EA33B}" = System Requirements Lab for Intel
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Nápověda
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9D3D2C60-A55F-4fed-B2B9-17311226DF01}" = ThinkPad Wireless LAN Adapter Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Czech
"{D2297D80-241F-405D-98D9-A9F56B03967C}" = Základní software zařízení HP Deskjet 1050 J410 series
"{E97F409F-9E1C-42A0-B72D-765A78DF3696}" = Software Intel® PROSet/Wireless WiFi
"{ED3522C0-331E-4BB5-BCC3-57E63E910361}" = Alcor Micro USB Card Reader
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"4K YouTube to MP3_is1" = 4K YouTube to MP3 2.9
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"Avast" = avast! Free Antivirus
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PowerISO" = PowerISO
"ProInst" = Intel PROSet Wireless
"ssinstall" = Seznam Instalátor
"TeamViewer 9" = TeamViewer 9
"The KMPlayer" = The KMPlayer (remove only)
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2188649957-782960909-1793299179-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"55ceb1c74ec3afd6" = RobotBazos
"AceStream" = Ace Stream Media 2.1.5
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.8.2014 1:47:15 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a1ff3 Název chybujícího modulu: MurocApi.dll, verze: 15.1.0.1,
časové razítko: 0x4f4a1ecc Kód výjimky: 0xc0000005 Posun chyby: 0x000217b8 ID chybujícího
procesu: 0xa9c Čas spuštění chybující aplikace: 0x01cfc027f702b298 Cesta k chybující
aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta k chybujícímu
modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll ID zprávy: 44356ded-2c1b-11e4-bf7d-6817298009f2
Error - 25.8.2014 17:44:46 | Computer Name = PC-PC | Source = ssinstall | ID = 0
Description =
Error - 27.8.2014 1:50:45 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a1ff3 Název chybujícího modulu: MurocApi.dll, verze: 15.1.0.1,
časové razítko: 0x4f4a1ecc Kód výjimky: 0xc0000005 Posun chyby: 0x000217b8 ID chybujícího
procesu: 0xaa4 Čas spuštění chybující aplikace: 0x01cfc1bac80edb3c Cesta k chybující
aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta k chybujícímu
modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll ID zprávy: 161b6c37-2dae-11e4-833b-6817298009f2
Error - 2.9.2014 9:32:48 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a1ff3 Název chybujícího modulu: MurocApi.dll, verze: 15.1.0.1,
časové razítko: 0x4f4a1ecc Kód výjimky: 0xc0000005 Posun chyby: 0x0002cf34 ID chybujícího
procesu: 0x980 Čas spuštění chybující aplikace: 0x01cfc6b25937d8f4 Cesta k chybující
aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta k chybujícímu
modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll ID zprávy: a0ecd09b-32a5-11e4-bf07-6817298009f2
Error - 2.9.2014 16:31:01 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a1ff3 Název chybujícího modulu: MurocApi.dll, verze: 15.1.0.1,
časové razítko: 0x4f4a1ecc Kód výjimky: 0xc0000005 Posun chyby: 0x0002cf34 ID chybujícího
procesu: 0x910 Čas spuštění chybující aplikace: 0x01cfc6ecc820be86 Cesta k chybující
aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta k chybujícímu
modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll ID zprávy: 0d1ea45e-32e0-11e4-81cd-6817298009f2
Error - 17.9.2014 1:03:04 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a1ff3 Název chybujícího modulu: MurocApi.dll, verze: 15.1.0.1,
časové razítko: 0x4f4a1ecc Kód výjimky: 0xc0000005 Posun chyby: 0x0002cf34 ID chybujícího
procesu: 0xa0c Čas spuštění chybující aplikace: 0x01cfd2349a922a1a Cesta k chybující
aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta k chybujícímu
modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll ID zprávy: e79a5ab2-3e27-11e4-8280-6817298009f2
Error - 27.9.2014 6:15:16 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a1ff3 Název chybujícího modulu: MurocApi.dll, verze: 15.1.0.1,
časové razítko: 0x4f4a1ecc Kód výjimky: 0xc0000005 Posun chyby: 0x000217b8 ID chybujícího
procesu: 0x8d4 Čas spuštění chybující aplikace: 0x01cfda3be31dec7a Cesta k chybující
aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta k chybujícímu
modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll ID zprávy: 2c7cfa73-462f-11e4-828f-6817298009f2
Error - 4.10.2014 2:51:23 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a1ff3 Název chybujícího modulu: MurocApi.dll, verze: 15.1.0.1,
časové razítko: 0x4f4a1ecc Kód výjimky: 0xc0000005 Posun chyby: 0x0002cf34 ID chybujícího
procesu: 0x944 Čas spuštění chybující aplikace: 0x01cfdf9f9182ae88 Cesta k chybující
aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta k chybujícímu
modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll ID zprávy: da55c907-4b92-11e4-8173-6817298009f2
Error - 7.10.2014 16:27:27 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a1ff3 Název chybujícího modulu: MurocApi.dll, verze: 15.1.0.1,
časové razítko: 0x4f4a1ecc Kód výjimky: 0xc0000005 Posun chyby: 0x0002cf34 ID chybujícího
procesu: 0xb4c Čas spuštění chybující aplikace: 0x01cfe26d1417e518 Cesta k chybující
aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta k chybujícímu
modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll ID zprávy: 5a319b49-4e60-11e4-811d-6817298009f2
Error - 9.10.2014 0:23:15 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CD-ROM.exe, verze: 2.5.0.29, časové razítko:
0x2a425e19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x0002fc47 ID chybujícího procesu:
0x15f4 Čas spuštění chybující aplikace: 0x01cfe378a406b4d4 Cesta k chybující aplikaci:
E:\CD-ROM.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy:
fc7b79e1-4f6b-11e4-8291-6817298009f2
[ System Events ]
Error - 11.10.2014 9:05:45 | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 11.10.2014 9:05:57 | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 12.10.2014 2:59:14 | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 12.10.2014 2:59:31 | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 12.10.2014 15:37:06 | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 12.10.2014 15:37:20 | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 12.10.2014 15:38:43 | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 14.10.2014 16:34:54 | Computer Name = PC-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 9 ID procesoru: 0 Další informace jsou obsaženy v podrobném zobrazení
tohoto záznamu.
Error - 15.10.2014 1:19:41 | Computer Name = PC-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 9 ID procesoru: 0 Další informace jsou obsaženy v podrobném zobrazení
tohoto záznamu.
Error - 17.10.2014 0:59:13 | Computer Name = PC-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 9 ID procesoru: 0 Další informace jsou obsaženy v podrobném zobrazení
tohoto záznamu.
< End of report >
Re: URL: mal
OTL logfile created on: 17.10.2014 16:33:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,10 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 54,20% Memory free
6,19 Gb Paging File | 4,62 Gb Available in Paging File | 74,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,87 Gb Total Space | 159,53 Gb Free Space | 54,47% Space Free | Partition Type: NTFS
Drive D: | 172,79 Gb Total Space | 172,69 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.10.17 16:32:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Downloads\OTL.exe
PRC - [2014.10.14 16:46:30 | 000,027,904 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe
PRC - [2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014.09.12 20:14:55 | 013,559,056 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014.09.12 20:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.09.12 20:00:53 | 000,229,648 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2014.09.12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.08.01 15:55:27 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.20 15:55:04 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.07.11 02:39:16 | 000,511,872 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2013.10.04 18:39:55 | 002,324,216 | ---- | M] (PS Media s.r.o.) -- C:\Windows\System32\ssins.exe
PRC - [2013.04.15 11:50:34 | 000,337,432 | ---- | M] (Power Software Ltd) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2013.03.29 13:18:06 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\ace_update.exe
PRC - [2012.10.18 17:56:52 | 000,752,736 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
PRC - [2012.04.24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012.02.26 05:07:52 | 002,324,752 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
PRC - [2012.02.26 05:07:32 | 000,498,960 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2012.02.26 05:07:26 | 000,107,792 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
========== Modules (No Company Name) ==========
MOD - [2014.10.14 16:46:30 | 003,054,592 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
MOD - [2014.10.14 16:46:30 | 001,335,808 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
MOD - [2014.10.14 16:46:30 | 000,219,136 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
MOD - [2014.10.14 16:46:30 | 000,061,952 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd
MOD - [2014.10.14 16:46:30 | 000,053,248 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_blist.pyd
MOD - [2014.10.14 16:46:30 | 000,040,448 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
MOD - [2014.10.14 16:46:30 | 000,036,352 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd
MOD - [2014.10.14 16:46:30 | 000,031,232 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd
MOD - [2014.10.14 16:46:30 | 000,027,904 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe
MOD - [2014.10.10 04:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014.10.10 04:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014.10.10 04:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014.10.10 04:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
MOD - [2014.07.20 15:55:05 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.20 15:55:04 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013.06.27 08:56:12 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2013.03.29 13:18:06 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\ace_update.exe
MOD - [2013.03.29 11:57:10 | 000,018,944 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd
MOD - [2013.01.29 18:20:40 | 000,082,944 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd
MOD - [2013.01.29 18:20:40 | 000,066,048 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd
MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll
MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll
MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd
MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd
MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd
MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd
MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd
MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_html_vc.dll
MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_html_vc.dll
MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_adv_vc.dll
MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_adv_vc.dll
MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_core_vc.dll
MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_core_vc.dll
MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wxbase28uh_net_vc.dll
MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wxbase28uh_net_vc.dll
MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wxbase28uh_vc.dll
MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wxbase28uh_vc.dll
MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd
MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_socket.pyd
MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd
MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd
MOD - [2011.06.12 15:06:22 | 000,106,496 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd
MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\select.pyd
MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\select.pyd
MOD - [2011.06.12 15:06:20 | 000,688,128 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd
MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd
MOD - [2010.10.11 00:23:52 | 000,723,968 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
========== Services (SafeList) ==========
SRV - [2014.09.12 20:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014.09.12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.09.10 13:43:49 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.07.20 15:55:04 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.10.04 18:39:55 | 002,324,216 | ---- | M] (PS Media s.r.o.) [Auto | Running] -- C:\Windows\System32\ssins.exe -- (ssinstall)
SRV - [2013.08.27 05:49:08 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.04.24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012.02.26 05:07:52 | 002,324,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2012.02.26 05:07:42 | 000,241,936 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2012.02.26 05:07:32 | 000,498,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2012.02.26 05:07:26 | 000,107,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2014.07.20 15:55:23 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014.07.20 15:55:07 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014.07.20 15:55:07 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.07.20 15:55:07 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014.07.20 15:55:07 | 000,071,944 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014.07.20 15:55:07 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.07.20 15:55:07 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014.07.20 15:55:07 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2013.07.01 14:50:46 | 000,289,792 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2013.04.15 11:50:32 | 000,113,608 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012.04.20 15:50:24 | 000,061,528 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmUStor.sys -- (AmUStor)
DRV - [2012.02.20 10:18:20 | 010,339,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Netwsn00.sys -- (NETwNs32)
DRV - [2011.06.02 12:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..\SearchScopes\{E4D7E4C0-575E-426A-BF69-FDC5AA3263B7}: "URL" = http://trovi.com/ResultsExt.aspx?q={sea ... 31116&UM=4
IE - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=2.1.5: C:\Users\PC\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.20 15:55:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\PC\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org [2014.09.27 17:39:53 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: No name found = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\
CHR - Extension: No name found = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
O1 HOSTS File: ([2013.10.03 02:17:26 | 000,000,923 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 genuine.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 sls.microsoft.com
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKU\S-1-5-21-2188649957-782960909-1793299179-1000..\Run: [AceStream] C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe ()
O4 - HKU\S-1-5-21-2188649957-782960909-1793299179-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe (ZONER software)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: localhost ([]http in Internet)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0069A786-2FCD-4B2B-8AE8-454414D73488}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B928717A-2EE9-4919-BBCE-4E658DF09EAE}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.10.09 06:22:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Macromedia
[2014.10.09 06:22:30 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2014.09.27 17:36:56 | 000,000,000 | -H-D | C] -- C:\_acestream_cache_
[2014.09.27 17:36:30 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
[2014.09.27 17:36:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\.ACEStream
[2014.09.27 17:35:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\ACEStream
[2014.09.23 20:41:18 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Roman-telefon
========== Files - Modified Within 30 Days ==========
[2014.10.17 16:35:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.10.17 16:04:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.10.17 15:43:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.10.17 14:28:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.10.17 07:04:03 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.10.17 07:04:03 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.10.17 06:59:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.10.17 06:58:32 | 2494,144,512 | -HS- | M] () -- C:\hiberfil.sys
[2014.10.16 22:46:01 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.10.16 19:45:09 | 000,258,490 | ---- | M] () -- C:\Users\PC\Desktop\003.pdf
[2014.10.16 19:43:49 | 000,348,080 | ---- | M] () -- C:\Users\PC\Desktop\002.pdf
[2014.10.16 19:41:52 | 000,766,842 | ---- | M] () -- C:\Users\PC\Desktop\001.pdf
[2014.10.16 15:38:54 | 000,634,546 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.10.16 15:38:54 | 000,618,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.10.16 15:38:54 | 000,123,104 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.10.16 15:38:54 | 000,107,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.10.05 12:22:24 | 001,449,972 | ---- | M] () -- C:\Users\PC\Desktop\20140927_090136.jpg
[2014.09.27 17:36:32 | 000,001,932 | ---- | M] () -- C:\Users\PC\Desktop\Ace Player.lnk
[2014.09.27 13:47:15 | 1619,602,782 | ---- | M] () -- C:\Users\PC\Desktop\1-(2013)-DOKUMENT-O-HISTORII--F1--CZ-TITULKY-AVI-NOVINKA.avi
[2014.09.27 12:14:38 | 465,504,614 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014.09.23 17:24:47 | 006,335,296 | ---- | M] () -- C:\Users\PC\Desktop\Hody Hovorany 2014.mp3
========== Files Created - No Company Name ==========
[2014.10.17 16:35:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.10.16 19:45:08 | 000,258,490 | ---- | C] () -- C:\Users\PC\Desktop\003.pdf
[2014.10.16 19:43:48 | 000,348,080 | ---- | C] () -- C:\Users\PC\Desktop\002.pdf
[2014.10.16 19:41:52 | 000,766,842 | ---- | C] () -- C:\Users\PC\Desktop\001.pdf
[2014.10.05 12:14:35 | 001,449,972 | ---- | C] () -- C:\Users\PC\Desktop\20140927_090136.jpg
[2014.09.27 17:36:32 | 000,001,932 | ---- | C] () -- C:\Users\PC\Desktop\Ace Player.lnk
[2014.09.27 12:05:27 | 1619,602,782 | ---- | C] () -- C:\Users\PC\Desktop\1-(2013)-DOKUMENT-O-HISTORII--F1--CZ-TITULKY-AVI-NOVINKA.avi
[2014.09.23 17:24:07 | 006,335,296 | ---- | C] () -- C:\Users\PC\Desktop\Hody Hovorany 2014.mp3
[2014.07.16 08:37:15 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2014.05.08 14:06:48 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2013.12.09 18:51:48 | 005,479,244 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2013.12.09 18:51:43 | 000,568,437 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013.12.09 17:53:50 | 000,598,384 | ---- | C] () -- C:\Windows\System32\igvpkrng700.bin
[2013.12.09 17:53:48 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2013.12.09 17:53:45 | 000,754,652 | ---- | C] () -- C:\Windows\System32\igcodeckrng700.bin
[2013.12.09 17:53:45 | 000,077,312 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2013.12.09 17:53:44 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2013.12.09 17:53:44 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2013.11.12 15:32:28 | 000,192,352 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.11.12 15:32:26 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.10.03 01:16:47 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014.10.15 07:27:42 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.ACEStream
[2014.09.27 17:38:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ACEStream
[2013.11.12 15:33:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AVAST Software
[2014.07.23 23:00:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer
[2014.07.23 22:50:36 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer Pro
[2014.05.13 21:15:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Opera Software
[2014.01.20 19:39:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PowerISO
[2014.03.10 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer
[2013.10.03 02:13:04 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TuneUp Software
[2013.10.20 18:06:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:53:46 | 000,032,558 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.10.03 01:50:59 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.10.03 01:51:00 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.05.15 20:19:30 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014.10.15 07:27:42 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.ACEStream
[2014.09.27 17:38:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ACEStream
[2013.10.04 18:56:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Adobe
[2013.11.12 15:33:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AVAST Software
[2014.07.23 23:00:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer
[2014.07.23 22:50:36 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer Pro
[2013.10.03 00:57:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Identities
[2013.10.03 02:04:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Intel
[2014.10.09 06:22:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Macromedia
[2009.07.14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Media Center Programs
[2014.03.10 19:16:23 | 000,000,000 | --SD | M] -- C:\Users\PC\AppData\Roaming\Microsoft
[2013.10.23 22:20:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mozilla
[2014.05.13 21:15:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Opera Software
[2014.01.20 19:39:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PowerISO
[2013.10.13 14:14:25 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PSpad
[2014.10.10 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Skype
[2014.03.10 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer
[2013.10.03 02:13:04 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TuneUp Software
[2013.10.03 02:12:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\WinRAR
[2013.10.20 18:06:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2014.09.27 17:36:16 | 000,151,515 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\Uninstall.exe
[2013.07.23 18:26:52 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\.data\ace_engine3\backup\last\ace_engine.exe
[2013.07.12 18:43:00 | 000,120,952 | ---- | M] (Innovative Digital Technologies) -- C:\Users\PC\AppData\Roaming\ACEStream\.data\ace_player3\backup\last\ace_player.exe
[2014.07.09 19:05:22 | 000,121,464 | ---- | M] (Innovative Digital Technologies) -- C:\Users\PC\AppData\Roaming\ACEStream\.data\ace_player3\download\2.2.5.2\ace_player.exe
[2013.10.14 19:20:48 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\.data\ace_updater3\download\2.3.2\ace_plugin.exe
[2014.10.14 16:46:30 | 000,027,392 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_console.exe
[2014.10.14 16:46:30 | 000,027,904 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe
[2014.10.14 16:46:30 | 000,027,904 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_stream.exe
[2014.10.14 16:46:30 | 007,823,480 | ---- | M] (Innovative Digital Technologies) -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_web.exe
[2011.06.12 15:05:52 | 000,049,664 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\w9xpopen.exe
[2014.07.09 19:05:22 | 000,121,464 | ---- | M] (Innovative Digital Technologies) -- C:\Users\PC\AppData\Roaming\ACEStream\player\ace_player.exe
[2013.07.12 18:43:02 | 000,121,976 | ---- | M] (Innovative Digital Technologies) -- C:\Users\PC\AppData\Roaming\ACEStream\player\vlc-cache-gen.exe
[2013.10.14 19:20:48 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\ace_plugin.exe
[2013.03.29 13:18:06 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\ace_update.exe
[2011.06.12 15:05:52 | 000,049,664 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\w9xpopen.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014.10.17 16:04:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.10.17 06:59:02 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.10.17 16:43:05 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.10.17 07:04:03 | 000,010,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.10.17 07:04:03 | 000,010,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.10.16 15:38:54 | 000,123,104 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.10.16 15:38:54 | 000,107,232 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.10.16 15:38:54 | 000,634,546 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.10.16 15:38:54 | 000,618,912 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.10.16 15:38:54 | 001,478,586 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2014.10.17 06:59:03 | 000,000,000 | ---- | M] () -- C:\Windows\system32\sinstall.log
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AceStream" = C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe -- [2014.10.14 16:46:30 | 000,027,904 | ---- | M] ()
"Zoner Photo Studio Autoupdate" = C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE -- [2012.10.18 17:56:52 | 000,752,736 | ---- | M] (ZONER software)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.07.14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) MD5=B53D59915A356B06C1D7DE5B22B4177C -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.10.17 16:35:50 | 000,000,512 | ---- | M] () MD5=E905338AA7D4D051AE89F560FD8EBEB9 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2014.07.15 20:55:37 | 009,062,607 | ---- | M] () -- \Users\PC\Desktop\Zálohování 2014-09-10\Downloa\Windows-7-Crack-KB971033-Original.rar
< *keygen* /s >
< *loader* /s >
[2014.08.10 17:45:42 | 000,025,025 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_de.qm
[2014.08.10 17:45:42 | 000,020,801 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_en.qm
[2014.08.10 17:45:42 | 000,024,923 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_es.qm
[2014.08.10 17:45:42 | 000,025,087 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_fr.qm
[2014.08.10 17:45:42 | 000,024,605 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_it.qm
[2014.08.10 17:45:42 | 000,020,186 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_ja.qm
[2014.08.10 17:45:42 | 000,024,397 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_pt.qm
[2014.07.20 15:55:04 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2009.10.06 05:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Deskjet 1050 J410 series\Bin\HelpViewer\Resources\Loader.gif
[2012.10.18 17:48:18 | 000,430,080 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSPluginLoader.exe
[2012.10.18 17:47:30 | 000,442,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSPluginLoader.exe
[2012.10.18 17:48:44 | 000,194,560 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPluginLoader.exe
[2012.10.18 17:56:18 | 000,103,520 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\8bfLoader.exe
[2012.10.18 17:56:32 | 000,017,504 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\WICLoader.exe
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \The KMPlayer\ImLoader.dll
[2014.05.15 21:06:38 | 000,017,685 | ---- | M] () -- \Users\PC\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.9.0.23_0\js\configLoader.js
[2014.05.15 21:06:39 | 000,002,597 | ---- | M] () -- \Users\PC\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.9.0.23_0\js\scriptLoader.js
[2014.08.16 08:30:34 | 000,004,096 | ---- | M] () -- \Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_reloaders.com_0.localstorage
[2014.08.16 08:30:34 | 000,003,608 | ---- | M] () -- \Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_reloaders.com_0.localstorage-journal
[2014.08.16 21:06:47 | 000,018,544 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\35FIRUA9\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014.09.11 18:21:19 | 000,018,715 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3W921W58\AdLoader-a5fa12058ddb9a8919d6906ba95d7c57.min[1].js
[2014.10.10 15:58:59 | 000,001,980 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3W921W58\AdLoader[1].htm
[2014.07.23 22:49:34 | 000,022,002 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3W921W58\ProgressLoader[1].gif
[2014.07.12 12:21:51 | 000,017,912 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z14IJ9HM\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.07.31 10:37:07 | 000,001,980 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z14IJ9HM\AdLoader[1].htm
[2014.09.16 18:32:59 | 000,001,980 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z14IJ9HM\AdLoader[3].htm
[2014.07.01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\PC\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\PC\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\PC\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\PC\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\PC\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2012.02.07 18:37:14 | 000,008,192 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\engine\lib\_win32sysloader.pyd
[2012.07.23 12:11:20 | 000,000,553 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\fs\default\1024\loader.png
[2012.07.23 12:11:20 | 000,000,686 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\fs\default\1280\loader.png
[2012.07.23 12:11:20 | 000,000,686 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\fs\default\1600\loader.png
[2012.07.23 12:11:22 | 000,001,239 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\fs\default\1920\loader.png
[2012.07.23 12:11:20 | 000,000,453 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\fs\default\800\loader.png
[2012.07.23 12:11:20 | 000,000,477 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\nofs\default\playlist\loader.png
[2012.02.07 18:37:14 | 000,008,192 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\updater\lib\_win32sysloader.pyd
[2013.10.03 02:23:20 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.26 19:52:20 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.26 19:52:20 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.26 19:52:20 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 06:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 06:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009.07.14 06:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2009.07.14 04:17:55 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 04:17:55 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009.07.14 04:17:55 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.26 19:50:45 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,10 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 54,20% Memory free
6,19 Gb Paging File | 4,62 Gb Available in Paging File | 74,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,87 Gb Total Space | 159,53 Gb Free Space | 54,47% Space Free | Partition Type: NTFS
Drive D: | 172,79 Gb Total Space | 172,69 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.10.17 16:32:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Downloads\OTL.exe
PRC - [2014.10.14 16:46:30 | 000,027,904 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe
PRC - [2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014.09.12 20:14:55 | 013,559,056 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014.09.12 20:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.09.12 20:00:53 | 000,229,648 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2014.09.12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.08.01 15:55:27 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.20 15:55:04 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.07.11 02:39:16 | 000,511,872 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2013.10.04 18:39:55 | 002,324,216 | ---- | M] (PS Media s.r.o.) -- C:\Windows\System32\ssins.exe
PRC - [2013.04.15 11:50:34 | 000,337,432 | ---- | M] (Power Software Ltd) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2013.03.29 13:18:06 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\ace_update.exe
PRC - [2012.10.18 17:56:52 | 000,752,736 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
PRC - [2012.04.24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012.02.26 05:07:52 | 002,324,752 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
PRC - [2012.02.26 05:07:32 | 000,498,960 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2012.02.26 05:07:26 | 000,107,792 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
========== Modules (No Company Name) ==========
MOD - [2014.10.14 16:46:30 | 003,054,592 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
MOD - [2014.10.14 16:46:30 | 001,335,808 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
MOD - [2014.10.14 16:46:30 | 000,219,136 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
MOD - [2014.10.14 16:46:30 | 000,061,952 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd
MOD - [2014.10.14 16:46:30 | 000,053,248 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_blist.pyd
MOD - [2014.10.14 16:46:30 | 000,040,448 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
MOD - [2014.10.14 16:46:30 | 000,036,352 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd
MOD - [2014.10.14 16:46:30 | 000,031,232 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd
MOD - [2014.10.14 16:46:30 | 000,027,904 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe
MOD - [2014.10.10 04:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014.10.10 04:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014.10.10 04:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014.10.10 04:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
MOD - [2014.07.20 15:55:05 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.20 15:55:04 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013.06.27 08:56:12 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2013.03.29 13:18:06 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\ace_update.exe
MOD - [2013.03.29 11:57:10 | 000,018,944 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd
MOD - [2013.01.29 18:20:40 | 000,082,944 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd
MOD - [2013.01.29 18:20:40 | 000,066,048 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd
MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll
MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll
MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd
MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd
MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd
MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd
MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd
MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_html_vc.dll
MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_html_vc.dll
MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_adv_vc.dll
MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_adv_vc.dll
MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_core_vc.dll
MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_core_vc.dll
MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wxbase28uh_net_vc.dll
MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wxbase28uh_net_vc.dll
MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\wxbase28uh_vc.dll
MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\wxbase28uh_vc.dll
MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd
MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_socket.pyd
MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd
MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd
MOD - [2011.06.12 15:06:22 | 000,106,496 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd
MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\select.pyd
MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\select.pyd
MOD - [2011.06.12 15:06:20 | 000,688,128 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd
MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd
MOD - [2010.10.11 00:23:52 | 000,723,968 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
========== Services (SafeList) ==========
SRV - [2014.09.12 20:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014.09.12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.09.10 13:43:49 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.07.20 15:55:04 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.10.04 18:39:55 | 002,324,216 | ---- | M] (PS Media s.r.o.) [Auto | Running] -- C:\Windows\System32\ssins.exe -- (ssinstall)
SRV - [2013.08.27 05:49:08 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.04.24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012.02.26 05:07:52 | 002,324,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2012.02.26 05:07:42 | 000,241,936 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2012.02.26 05:07:32 | 000,498,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2012.02.26 05:07:26 | 000,107,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2014.07.20 15:55:23 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014.07.20 15:55:07 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014.07.20 15:55:07 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.07.20 15:55:07 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014.07.20 15:55:07 | 000,071,944 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014.07.20 15:55:07 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.07.20 15:55:07 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014.07.20 15:55:07 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2013.07.01 14:50:46 | 000,289,792 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2013.04.15 11:50:32 | 000,113,608 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012.04.20 15:50:24 | 000,061,528 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmUStor.sys -- (AmUStor)
DRV - [2012.02.20 10:18:20 | 010,339,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Netwsn00.sys -- (NETwNs32)
DRV - [2011.06.02 12:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..\SearchScopes\{E4D7E4C0-575E-426A-BF69-FDC5AA3263B7}: "URL" = http://trovi.com/ResultsExt.aspx?q={sea ... 31116&UM=4
IE - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=2.1.5: C:\Users\PC\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.20 15:55:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\PC\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org [2014.09.27 17:39:53 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: No name found = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\
CHR - Extension: No name found = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
O1 HOSTS File: ([2013.10.03 02:17:26 | 000,000,923 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 genuine.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 sls.microsoft.com
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKU\S-1-5-21-2188649957-782960909-1793299179-1000..\Run: [AceStream] C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe ()
O4 - HKU\S-1-5-21-2188649957-782960909-1793299179-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe (ZONER software)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: localhost ([]http in Internet)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0069A786-2FCD-4B2B-8AE8-454414D73488}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B928717A-2EE9-4919-BBCE-4E658DF09EAE}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.10.09 06:22:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Macromedia
[2014.10.09 06:22:30 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2014.09.27 17:36:56 | 000,000,000 | -H-D | C] -- C:\_acestream_cache_
[2014.09.27 17:36:30 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
[2014.09.27 17:36:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\.ACEStream
[2014.09.27 17:35:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\ACEStream
[2014.09.23 20:41:18 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Roman-telefon
========== Files - Modified Within 30 Days ==========
[2014.10.17 16:35:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.10.17 16:04:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.10.17 15:43:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.10.17 14:28:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.10.17 07:04:03 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.10.17 07:04:03 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.10.17 06:59:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.10.17 06:58:32 | 2494,144,512 | -HS- | M] () -- C:\hiberfil.sys
[2014.10.16 22:46:01 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.10.16 19:45:09 | 000,258,490 | ---- | M] () -- C:\Users\PC\Desktop\003.pdf
[2014.10.16 19:43:49 | 000,348,080 | ---- | M] () -- C:\Users\PC\Desktop\002.pdf
[2014.10.16 19:41:52 | 000,766,842 | ---- | M] () -- C:\Users\PC\Desktop\001.pdf
[2014.10.16 15:38:54 | 000,634,546 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.10.16 15:38:54 | 000,618,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.10.16 15:38:54 | 000,123,104 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.10.16 15:38:54 | 000,107,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.10.05 12:22:24 | 001,449,972 | ---- | M] () -- C:\Users\PC\Desktop\20140927_090136.jpg
[2014.09.27 17:36:32 | 000,001,932 | ---- | M] () -- C:\Users\PC\Desktop\Ace Player.lnk
[2014.09.27 13:47:15 | 1619,602,782 | ---- | M] () -- C:\Users\PC\Desktop\1-(2013)-DOKUMENT-O-HISTORII--F1--CZ-TITULKY-AVI-NOVINKA.avi
[2014.09.27 12:14:38 | 465,504,614 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014.09.23 17:24:47 | 006,335,296 | ---- | M] () -- C:\Users\PC\Desktop\Hody Hovorany 2014.mp3
========== Files Created - No Company Name ==========
[2014.10.17 16:35:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.10.16 19:45:08 | 000,258,490 | ---- | C] () -- C:\Users\PC\Desktop\003.pdf
[2014.10.16 19:43:48 | 000,348,080 | ---- | C] () -- C:\Users\PC\Desktop\002.pdf
[2014.10.16 19:41:52 | 000,766,842 | ---- | C] () -- C:\Users\PC\Desktop\001.pdf
[2014.10.05 12:14:35 | 001,449,972 | ---- | C] () -- C:\Users\PC\Desktop\20140927_090136.jpg
[2014.09.27 17:36:32 | 000,001,932 | ---- | C] () -- C:\Users\PC\Desktop\Ace Player.lnk
[2014.09.27 12:05:27 | 1619,602,782 | ---- | C] () -- C:\Users\PC\Desktop\1-(2013)-DOKUMENT-O-HISTORII--F1--CZ-TITULKY-AVI-NOVINKA.avi
[2014.09.23 17:24:07 | 006,335,296 | ---- | C] () -- C:\Users\PC\Desktop\Hody Hovorany 2014.mp3
[2014.07.16 08:37:15 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2014.05.08 14:06:48 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2013.12.09 18:51:48 | 005,479,244 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2013.12.09 18:51:43 | 000,568,437 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013.12.09 17:53:50 | 000,598,384 | ---- | C] () -- C:\Windows\System32\igvpkrng700.bin
[2013.12.09 17:53:48 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2013.12.09 17:53:45 | 000,754,652 | ---- | C] () -- C:\Windows\System32\igcodeckrng700.bin
[2013.12.09 17:53:45 | 000,077,312 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2013.12.09 17:53:44 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2013.12.09 17:53:44 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2013.11.12 15:32:28 | 000,192,352 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.11.12 15:32:26 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.10.03 01:16:47 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014.10.15 07:27:42 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.ACEStream
[2014.09.27 17:38:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ACEStream
[2013.11.12 15:33:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AVAST Software
[2014.07.23 23:00:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer
[2014.07.23 22:50:36 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer Pro
[2014.05.13 21:15:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Opera Software
[2014.01.20 19:39:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PowerISO
[2014.03.10 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer
[2013.10.03 02:13:04 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TuneUp Software
[2013.10.20 18:06:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:53:46 | 000,032,558 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.10.03 01:50:59 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.10.03 01:51:00 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.05.15 20:19:30 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014.10.15 07:27:42 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.ACEStream
[2014.09.27 17:38:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ACEStream
[2013.10.04 18:56:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Adobe
[2013.11.12 15:33:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AVAST Software
[2014.07.23 23:00:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer
[2014.07.23 22:50:36 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BSplayer Pro
[2013.10.03 00:57:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Identities
[2013.10.03 02:04:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Intel
[2014.10.09 06:22:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Macromedia
[2009.07.14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Media Center Programs
[2014.03.10 19:16:23 | 000,000,000 | --SD | M] -- C:\Users\PC\AppData\Roaming\Microsoft
[2013.10.23 22:20:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mozilla
[2014.05.13 21:15:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Opera Software
[2014.01.20 19:39:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PowerISO
[2013.10.13 14:14:25 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PSpad
[2014.10.10 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Skype
[2014.03.10 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer
[2013.10.03 02:13:04 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TuneUp Software
[2013.10.03 02:12:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\WinRAR
[2013.10.20 18:06:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2014.09.27 17:36:16 | 000,151,515 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\Uninstall.exe
[2013.07.23 18:26:52 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\.data\ace_engine3\backup\last\ace_engine.exe
[2013.07.12 18:43:00 | 000,120,952 | ---- | M] (Innovative Digital Technologies) -- C:\Users\PC\AppData\Roaming\ACEStream\.data\ace_player3\backup\last\ace_player.exe
[2014.07.09 19:05:22 | 000,121,464 | ---- | M] (Innovative Digital Technologies) -- C:\Users\PC\AppData\Roaming\ACEStream\.data\ace_player3\download\2.2.5.2\ace_player.exe
[2013.10.14 19:20:48 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\.data\ace_updater3\download\2.3.2\ace_plugin.exe
[2014.10.14 16:46:30 | 000,027,392 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_console.exe
[2014.10.14 16:46:30 | 000,027,904 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe
[2014.10.14 16:46:30 | 000,027,904 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_stream.exe
[2014.10.14 16:46:30 | 007,823,480 | ---- | M] (Innovative Digital Technologies) -- C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_web.exe
[2011.06.12 15:05:52 | 000,049,664 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\engine\w9xpopen.exe
[2014.07.09 19:05:22 | 000,121,464 | ---- | M] (Innovative Digital Technologies) -- C:\Users\PC\AppData\Roaming\ACEStream\player\ace_player.exe
[2013.07.12 18:43:02 | 000,121,976 | ---- | M] (Innovative Digital Technologies) -- C:\Users\PC\AppData\Roaming\ACEStream\player\vlc-cache-gen.exe
[2013.10.14 19:20:48 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\ace_plugin.exe
[2013.03.29 13:18:06 | 000,026,744 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\ace_update.exe
[2011.06.12 15:05:52 | 000,049,664 | ---- | M] () -- C:\Users\PC\AppData\Roaming\ACEStream\updater\w9xpopen.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014.10.17 16:04:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.10.17 06:59:02 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.10.17 16:43:05 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.10.17 07:04:03 | 000,010,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.10.17 07:04:03 | 000,010,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.10.16 15:38:54 | 000,123,104 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.10.16 15:38:54 | 000,107,232 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.10.16 15:38:54 | 000,634,546 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.10.16 15:38:54 | 000,618,912 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.10.16 15:38:54 | 001,478,586 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2014.10.17 06:59:03 | 000,000,000 | ---- | M] () -- C:\Windows\system32\sinstall.log
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AceStream" = C:\Users\PC\AppData\Roaming\ACEStream\engine\ace_engine.exe -- [2014.10.14 16:46:30 | 000,027,904 | ---- | M] ()
"Zoner Photo Studio Autoupdate" = C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE -- [2012.10.18 17:56:52 | 000,752,736 | ---- | M] (ZONER software)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.07.14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) MD5=B53D59915A356B06C1D7DE5B22B4177C -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.10.17 16:35:50 | 000,000,512 | ---- | M] () MD5=E905338AA7D4D051AE89F560FD8EBEB9 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2014.07.15 20:55:37 | 009,062,607 | ---- | M] () -- \Users\PC\Desktop\Zálohování 2014-09-10\Downloa\Windows-7-Crack-KB971033-Original.rar
< *keygen* /s >
< *loader* /s >
[2014.08.10 17:45:42 | 000,025,025 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_de.qm
[2014.08.10 17:45:42 | 000,020,801 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_en.qm
[2014.08.10 17:45:42 | 000,024,923 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_es.qm
[2014.08.10 17:45:42 | 000,025,087 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_fr.qm
[2014.08.10 17:45:42 | 000,024,605 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_it.qm
[2014.08.10 17:45:42 | 000,020,186 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_ja.qm
[2014.08.10 17:45:42 | 000,024,397 | ---- | M] () -- \Program Files\4KDownload\4kyoutubetomp3\translation\audiodownloader_pt.qm
[2014.07.20 15:55:04 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2009.10.06 05:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Deskjet 1050 J410 series\Bin\HelpViewer\Resources\Loader.gif
[2012.10.18 17:48:18 | 000,430,080 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSPluginLoader.exe
[2012.10.18 17:47:30 | 000,442,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSPluginLoader.exe
[2012.10.18 17:48:44 | 000,194,560 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPluginLoader.exe
[2012.10.18 17:56:18 | 000,103,520 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\8bfLoader.exe
[2012.10.18 17:56:32 | 000,017,504 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\WICLoader.exe
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \The KMPlayer\ImLoader.dll
[2014.05.15 21:06:38 | 000,017,685 | ---- | M] () -- \Users\PC\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.9.0.23_0\js\configLoader.js
[2014.05.15 21:06:39 | 000,002,597 | ---- | M] () -- \Users\PC\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.9.0.23_0\js\scriptLoader.js
[2014.08.16 08:30:34 | 000,004,096 | ---- | M] () -- \Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_reloaders.com_0.localstorage
[2014.08.16 08:30:34 | 000,003,608 | ---- | M] () -- \Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_reloaders.com_0.localstorage-journal
[2014.08.16 21:06:47 | 000,018,544 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\35FIRUA9\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014.09.11 18:21:19 | 000,018,715 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3W921W58\AdLoader-a5fa12058ddb9a8919d6906ba95d7c57.min[1].js
[2014.10.10 15:58:59 | 000,001,980 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3W921W58\AdLoader[1].htm
[2014.07.23 22:49:34 | 000,022,002 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3W921W58\ProgressLoader[1].gif
[2014.07.12 12:21:51 | 000,017,912 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z14IJ9HM\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.07.31 10:37:07 | 000,001,980 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z14IJ9HM\AdLoader[1].htm
[2014.09.16 18:32:59 | 000,001,980 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z14IJ9HM\AdLoader[3].htm
[2014.07.01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\PC\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\PC\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\PC\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\PC\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\PC\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2012.02.07 18:37:14 | 000,008,192 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\engine\lib\_win32sysloader.pyd
[2012.07.23 12:11:20 | 000,000,553 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\fs\default\1024\loader.png
[2012.07.23 12:11:20 | 000,000,686 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\fs\default\1280\loader.png
[2012.07.23 12:11:20 | 000,000,686 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\fs\default\1600\loader.png
[2012.07.23 12:11:22 | 000,001,239 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\fs\default\1920\loader.png
[2012.07.23 12:11:20 | 000,000,453 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\fs\default\800\loader.png
[2012.07.23 12:11:20 | 000,000,477 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\player\skins\nofs\default\playlist\loader.png
[2012.02.07 18:37:14 | 000,008,192 | ---- | M] () -- \Users\PC\AppData\Roaming\ACEStream\updater\lib\_win32sysloader.pyd
[2013.10.03 02:23:20 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.26 19:52:20 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.26 19:52:20 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.26 19:52:20 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 06:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 06:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009.07.14 06:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2009.07.14 04:17:55 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 04:17:55 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009.07.14 04:17:55 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.26 19:50:45 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: URL: mal
Run OTL again as administrator.
Paste the following text into the bottom window, then click Fix (Opravit) and let the program work. When asked about a restart, agree.
:OTL
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2188649957-782960909-1793299179-1000\..\SearchScopes\{E4D7E4C0-575E-426A-BF69-FDC5AA3263B7}: "URL" = http://trovi.com/ResultsExt.aspx?q={sea ... 31116&UM=4
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]
[Resethosts]
After the restart a new log will appear; post it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: URL: mal
I copied the text, and after about 5 seconds the notebook wanted to restart without any permission. The icons disappeared, but then it somehow froze, nothing is happening and nothing can be done about it, and the OTL program looks like it is not working... there was nothing else to do but hard power the notebook off and on.
Last edited by ibrah01 on 17 Oct 2014 17:31, edited 1 time in total.
Re: URL: mal
Hello,
ibrah01 wrote: it is a normal legal operating system

I apologize to my colleague for stepping in, I would just like to ask what you need a Windows crack for in a legal system, then?

Or is this \Users\PC\Desktop\Zálohování 2014-09-10\Downloa\Windows-7-Crack-KB971033-Original.rar an aquarium fish simulator?

Re: URL: mal
I was backing up a friend's computer too, that is why it is in the backup folder

- Rudy
- Site Admin
Re: URL: mal
Try it in safe mode.
Re: URL: mal
sorry, but I don't know how to do that
- Rudy
- Site Admin
Re: URL: mal
Restart and, just before the end of the initial POST screens during startup, keep pressing >F8<. A menu will appear in which you choose safe mode. The PC will boot and you will then continue the same way as in normal mode.
Re: URL: mal
still the same... shall we try a different program?
- Rudy
- Site Admin
Re: URL: mal
Run this utility:
Download AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean< (delete)
A scan will run and then a log will appear; post it here.