CTRL+C not working, Windows Explorer error. VIRUS? Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

buten
newbie
Posts: 22
Registered: July 16
Gender: Male

Re: CTRL+C not working, Windows Explorer error. VIRUS?

Post by buten » 05 Jul 2016 17:45

I've started the memtest. Then I'll do these last tasks (that Process Explorer tool sounds good, thanks), and I'd leave ComboFix for this evening or tomorrow... I'm still processing 3 baskets of cherries here :-D
Won't this entry in HJT adversely affect how ICQ runs? I'd rather ask beforehand :)
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files (x86)\ICQLite\ICQLite.exe -trayboot

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male

Re: CTRL+C not working, Windows Explorer error. VIRUS?

Post by jaro3 » 05 Jul 2016 19:12

It shouldn't. And do the Process Explorer step: test all running files on VirusTotal.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: CTRL+C not working, Windows Explorer error. VIRUS?

Post by buten » 06 Jul 2016 11:43

So the memtest is fine, 6 hours, 0 errors.
Log from CrystalDiskInfo:
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2016/07/05 23:07:20
-- Controller Map ----------------------------------------------------------
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- WDC WD6400BEVT-22A0RT0 ATA Device
+ ATA Channel 1 (1)
- Optiarc DVD RW AD-7585H ATA Device
- ATA Channel 2 (2) [ATA]
- ATA Channel 3 (3) [ATA]
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- ATA Channel 2 (2)
- ATA Channel 3 (3)
- ATA Channel 4 (4)
- ATA Channel 5 (5)

-- Disk List ---------------------------------------------------------------
(1) WDC WD6400BEVT-22A0RT0 : 640,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD6400BEVT-22A0RT0
----------------------------------------------------------------------------
Model : WDC WD6400BEVT-22A0RT0
Firmware : 01.01A01
Serial Number : WD-WXG1A2020924
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 7209 hod.
Power On Count : 3345 krát
Temperature : 39 C (102 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : 80FEh [OFF]
Drive Letter : C: E:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 186 152 _21 000000000682 Čas na roztočení ploten
04 _76 _76 __0 000000005EFC Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _91 _91 __0 000000001C29 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000D11 Počet cyklů zapnutí zařízení
BF __1 __1 __0 000000000C1D Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000021 Počet vypnutí disku
C1 _39 _39 __0 00000007653D Počet cyklů načítání/vymazání
C2 108 _96 __0 000000000027 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-------------------------------------------------------------------------------------------------------------------------------------------

In HJT I fixed the listed items.
I reinstalled Java (hopefully the older applications will work with the new Java too). In Process Explorer, for several files the system cannot find them when submitting to VirusTotal. And for one process VirusTotal gave me 1/56, see the link
https://www.virustotal.com/cs/file/8474 ... /analysis/
It is in the folder Program files\Acer Backup Manager


Re: CTRL+C not working, Windows Explorer error. VIRUS?

Post by buten » 06 Jul 2016 13:17

And here is the log from ComboFix
ComboFix 16-06-30.01 - Petr Hadraba 06.07.2016 12:50:13.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4091.2474 [GMT 2:00]
Spuštěný z: c:\users\Petr Hadraba\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-06-06 do 2016-07-06 )))))))))))))))))))))))))))))))
.
.
2016-07-06 10:59 . 2016-07-06 10:59 -------- d-----w- c:\users\Lenka Hadrabová\AppData\Local\temp
2016-07-06 10:59 . 2016-07-06 10:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-07-06 09:22 . 2016-07-06 09:22 -------- d-----w- C:\ProcessExplorer
2016-07-06 09:18 . 2016-07-06 09:18 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-07-06 09:15 . 2016-07-06 09:15 -------- d-----w- c:\users\Petr Hadraba\.oracle_jre_usage
2016-07-06 09:15 . 2016-07-06 09:14 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-07-06 09:14 . 2016-07-06 09:14 -------- d-----w- c:\programdata\Oracle
2016-07-06 09:13 . 2016-07-06 09:13 -------- d-----w- c:\program files\Java
2016-07-05 21:04 . 2016-07-05 21:04 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-07-04 15:17 . 2016-07-04 15:17 -------- d-----w- c:\users\Petr Hadraba\AppData\Local\GHISLER
2016-07-04 15:17 . 2016-07-04 15:17 -------- d-----w- c:\users\Petr Hadraba\AppData\Roaming\VitySoft kopie 4.7.2016
2016-07-04 14:54 . 2016-07-04 14:18 24064 ----a-w- c:\windows\zoek-delete.exe
2016-07-04 14:54 . 2016-07-06 10:59 -------- d-----w- c:\users\Petr Hadraba\AppData\Local\Temp
2016-07-04 14:18 . 2016-07-04 14:45 -------- d-----w- C:\zoek_backup
2016-07-04 12:11 . 2016-07-06 09:33 -------- d-----w- c:\users\Petr Hadraba\AppData\Local\CrashDumps
2016-07-04 10:50 . 2016-07-04 13:31 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-07-04 10:50 . 2016-07-04 10:50 -------- d-----w- c:\programdata\RogueKiller
2016-07-03 10:17 . 2016-07-04 10:17 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-07-03 10:16 . 2016-07-04 10:44 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-07-03 10:16 . 2016-07-03 10:16 -------- d-----w- c:\programdata\Malwarebytes
2016-07-03 10:16 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-07-03 10:16 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-07-03 10:16 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-07-03 10:15 . 2016-07-03 10:15 -------- d-----w- c:\users\Petr Hadraba\AppData\Local\Programs
2016-07-01 17:13 . 2016-07-04 09:19 -------- d-----w- C:\AdwCleaner
2016-06-22 21:14 . 2016-06-22 21:14 -------- d-----w- c:\users\Petr Hadraba\AppData\Roaming\Enigma Software Group
2016-06-22 21:13 . 2016-06-22 21:13 -------- d-----w- C:\sh4ldr
2016-06-22 21:12 . 2016-06-22 21:12 22704 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2016-06-22 21:12 . 2016-06-22 21:12 -------- d-----w- c:\program files\Enigma Software Group
2016-06-15 13:33 . 2016-05-12 17:15 105472 ----a-w- c:\windows\system32\winipsec.dll
2016-06-15 13:32 . 2016-05-23 22:54 235216 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-12 17:14 . 2016-06-15 13:34 344064 ----a-w- c:\windows\system32\schannel.dll
2016-05-12 17:14 . 2016-06-15 13:34 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-05-12 15:18 . 2016-06-15 13:34 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-05-12 15:18 . 2016-06-15 13:34 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-04-14 13:49 . 2016-05-10 18:45 603648 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2016-04-14 13:21 . 2016-05-10 18:45 647680 ----a-w- c:\windows\system32\d3d10level9.dll
2016-04-09 07:02 . 2016-05-10 18:44 631176 ----a-w- c:\windows\system32\winresume.efi
2016-04-09 07:01 . 2016-05-10 18:44 706280 ----a-w- c:\windows\system32\winload.efi
2016-04-09 07:01 . 2016-05-10 18:44 5546216 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-04-09 07:01 . 2016-05-10 18:45 986344 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2016-04-09 07:01 . 2016-05-10 18:45 264936 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2016-04-09 06:59 . 2016-05-10 18:44 3998952 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-04-09 06:59 . 2016-05-10 18:44 3943144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-04-09 06:59 . 2016-05-10 18:44 1732864 ----a-w- c:\windows\system32\ntdll.dll
2016-04-09 06:58 . 2016-05-10 18:44 362496 ----a-w- c:\windows\system32\wow64win.dll
2016-04-09 06:58 . 2016-05-10 18:44 243712 ----a-w- c:\windows\system32\wow64.dll
2016-04-09 06:58 . 2016-05-10 18:44 215552 ----a-w- c:\windows\system32\winsrv.dll
2016-04-09 06:58 . 2016-05-10 18:44 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2016-04-09 06:58 . 2016-05-10 18:44 503808 ----a-w- c:\windows\system32\srcore.dll
2016-04-09 06:58 . 2016-05-10 18:43 50176 ----a-w- c:\windows\system32\srclient.dll
2016-04-09 06:58 . 2016-05-10 18:43 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-04-09 06:57 . 2016-05-10 18:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2016-04-09 06:57 . 2016-05-10 18:44 1163264 ----a-w- c:\windows\system32\kernel32.dll
2016-04-09 06:57 . 2016-05-10 18:44 419840 ----a-w- c:\windows\system32\KernelBase.dll
2016-04-09 06:57 . 2016-05-10 18:44 43520 ----a-w- c:\windows\system32\csrsrv.dll
2016-04-09 06:57 . 2016-05-10 18:45 144384 ----a-w- c:\windows\system32\cdd.dll
2016-04-09 06:57 . 2016-05-10 18:44 880640 ----a-w- c:\windows\system32\advapi32.dll
2016-04-09 06:57 . 2016-05-10 18:43 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-04-09 06:57 . 2016-05-10 18:43 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 59904 ----a-w- c:\windows\system32\appidapi.dll
2016-04-09 06:57 . 2016-05-10 18:43 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 34816 ----a-w- c:\windows\system32\appidsvc.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-09 06:57 . 2016-05-10 18:44 1314112 ----a-w- c:\windows\SysWow64\ntdll.dll
2016-04-09 06:54 . 2016-05-10 18:44 275456 ----a-w- c:\windows\SysWow64\KernelBase.dll
2016-04-09 06:54 . 2016-05-10 18:43 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2016-04-09 06:54 . 2016-05-10 18:43 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2016-04-09 06:54 . 2016-05-10 18:44 644096 ----a-w- c:\windows\SysWow64\advapi32.dll
2016-04-09 06:54 . 2016-05-10 18:43 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2016-04-09 06:54 . 2016-05-10 18:43 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2016-04-09 06:54 . 2016-05-10 18:43 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-04-09 06:54 . 2016-05-10 18:43 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-09 06:54 . 2016-05-10 18:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2016-04-09 05:52 . 2016-05-10 18:43 148480 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2016-04-09 05:52 . 2016-05-10 18:44 62464 ----a-w- c:\windows\system32\drivers\appid.sys
2016-04-09 05:52 . 2016-05-10 18:43 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2016-04-09 05:48 . 2016-05-10 18:44 338432 ----a-w- c:\windows\system32\conhost.exe
2016-04-09 05:47 . 2016-05-10 18:43 296960 ----a-w- c:\windows\system32\rstrui.exe
2016-04-09 05:43 . 2016-05-10 18:44 112640 ----a-w- c:\windows\system32\smss.exe
2016-04-09 05:38 . 2016-05-10 18:43 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2016-04-09 05:38 . 2016-05-10 18:43 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2016-04-09 05:38 . 2016-05-10 18:43 2048 ----a-w- c:\windows\SysWow64\user.exe
2016-04-09 05:38 . 2016-05-10 18:43 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-12 39408]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"BatteryCare"="c:\program files (x86)\BatteryCare\BatteryCare.exe" [2015-06-21 797184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-24 588648]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-29 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"ICQ Lite"="c:\program files (x86)\ICQLite\ICQLite.exe" [2006-07-11 3144800]
"MimBoot"="c:\program files (x86)\Musicmatch\Musicmatch Jukebox\mimboot.exe" [2004-12-10 11776]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AVG_UI"="c:\program files (x86)\AVG\AVG2015\avuirunnerx.exe" [2016-05-12 25496]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-05-20 596504]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 1125152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Device Detector"="c:\program files (x86)\Common Files\ACD Systems\EN\DevDetect.exe" -autorun
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe"
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" -d
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\program files\Enigma Software Group\SpyHunter\SH4Service.exe;c:\program files\Enigma Software Group\SpyHunter\SH4Service.exe [x]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys;c:\windows\SYSNATIVE\DRIVERS\Axtmvflt.sys [x]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys;c:\windows\SYSNATIVE\DRIVERS\Axtmvmdm.sys [x]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys;c:\windows\SYSNATIVE\Drivers\Axtmvprt.sys [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2016-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-09 11:28]
.
2016-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-09 11:28]
.
2016-05-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3113488174-3376333742-618151166-1001Core.job
- c:\users\Petr Hadraba\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-09 16:39]
.
2016-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3113488174-3376333742-618151166-1001UA.job
- c:\users\Petr Hadraba\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-09 16:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-06 860192]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: musicmatch.com
TCP: DhcpNameServer = 192.168.8.1 192.168.8.1
Name-Space Handler: ftp\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~2\DOWNLO~1\mdpph.dll
Name-Space Handler: http\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~2\DOWNLO~1\mdpph.dll
Name-Space Handler: https\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~2\DOWNLO~1\mdpph.dll
FF - ProfilePath - c:\users\Petr Hadraba\AppData\Roaming\Mozilla\Firefox\Profiles\0bpqrp9q.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Haihaisoft Universal Player - c:\program files (x86)\Haihaisoft Universal Player\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-07-06 13:02:52
ComboFix-quarantined-files.txt 2016-07-06 11:02
.
Před spuštěním: 3 083 927 552
Po spuštění: 3 367 256 064
.
- - End Of File - - 21E03D822E04AA82D3267599E06153AD
A36C5E4F47E84449FF07ED3517B43A31

jaro3
Security team member

Re: CTRL C not working, Windows Explorer error. VIRUS?

Post by jaro3 » 06 Jul 2016 19:40

000000000682 Čas na roztočení ploten
Run CDI again.

Uninstall:
SpyHunter

In Process Explorer, for several files, submitting to virustotal gives "The system cannot find".

Which files, including their paths, are these?

Turn off the resident protection of the antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text, marked in green:

Code:

ClearJavaCache::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3113488174-3376333742-618151166-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3113488174-3376333742-618151166-1001UA.job

Folder::
c:\program files (x86)\Google\Update
c:\users\Petr Hadraba\AppData\Local\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It can happen that after applying ComboFix and restarting the computer, Windows will not start, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears about the option to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and other programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

buten
newcomer

Re: CTRL C not working, Windows Explorer error. VIRUS?

Post by buten » 06 Jul 2016 20:36

OK, more tomorrow.
By the way, I found online (zive.cz) that several other users have the same problem. Basically also during last week and this week.
And if it helps, that dllhost.exe sometimes has the description COM Surrogate in Task Manager. Couldn't just this be fixed in some simple way? Because this is the error that shows up in Event Viewer when explorer.exe crashes.

"Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.
Načtení \SystemRoot\SysWow64\Drivers\MxlW2k.SYS bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače."
"Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23418, časové razítko: 0x570898dc
Název chybujícího modulu: psdprotect.dll, verze: 3.1.206.0, časové razítko: 0x4b664312
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000012db
ID chybujícího procesu: 0x690
Čas spuštění chybující aplikace: 0x01d1cd1aad7bf7d2
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll
ID zprávy: f1347042-3956-11e6-861a-88ae1d076750"
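
The Application Error record quoted in the post above can be matched against the ComboFix log from this thread to see how the faulting DLL gets into Explorer. The following Python sketch is an added example, not part of any post: the two excerpts are copied from the thread, while the function names and the product-folder heuristic are assumptions of the example.

```python
import re
from pathlib import PureWindowsPath

# Copied from the ComboFix log posted in this thread (X64 Entries section).
COMBOFIX_EXCERPT = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"""

# Copied from the Event Viewer record quoted in the post above.
CRASH_EXCERPT = r"""
Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23418, časové razítko: 0x570898dc
Název chybujícího modulu: psdprotect.dll, verze: 3.1.206.0, časové razítko: 0x4b664312
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000012db
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll
"""

# Field labels of the record: Czech as posted, plus the English equivalents.
LABELS = {
    "název chybující aplikace": "app", "faulting application name": "app",
    "název chybujícího modulu": "module", "faulting module name": "module",
    "kód výjimky": "exception_code", "exception code": "exception_code",
    "posun chyby": "offset", "fault offset": "offset",
    "cesta k chybujícímu modulu": "module_path", "faulting module path": "module_path",
}
EXCEPTIONS = {0xC0000005: "STATUS_ACCESS_VIOLATION"}

OVERLAY_KEY = re.compile(
    r"^\[HKEY_LOCAL_MACHINE\\.*\\shelliconoverlayidentifiers\\(?P<name>[^\]]+)\]$", re.I)
RUN_KEY = re.compile(r"^\[HKEY_(LOCAL_MACHINE|CURRENT_USER)\\.*\\CurrentVersion\\Run\]$", re.I)
CLSID_VALUE = re.compile(r'^@="(\{[0-9A-Fa-f-]{36}\})"$')
FILE_LINE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}\s+\d+\s+\S+\s+(?P<path>[A-Za-z]:\\.+)$")
RUN_VALUE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)"')


def parse_crash(text):
    """Extract application, module, exception code, offset and module path."""
    rec = {}
    for line in text.splitlines():
        label, sep, value = line.strip().strip('"').partition(":")
        key = LABELS.get(label.strip().lower())
        if not sep or key is None:
            continue
        value = value.strip()
        if key in ("app", "module"):
            value = value.split(",")[0].strip()  # drop the version and timestamp fields
        elif key in ("exception_code", "offset"):
            value = int(value, 16)
        else:
            value = PureWindowsPath(value)
        rec[key] = value
    return rec


def parse_autostarts(text):
    """Return (overlay_handlers, run_entries) found in a ComboFix log excerpt."""
    overlays, runs, section, current = [], [], None, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("["):
            m = OVERLAY_KEY.match(line)
            if m:
                section = "overlay"
                current = {"name": m["name"], "clsid": None, "path": None}
                overlays.append(current)
            elif RUN_KEY.match(line):
                section = "run"
            elif not (section == "overlay"
                      and line.upper().startswith("[HKEY_CLASSES_ROOT\\CLSID\\")):
                section = None  # any other key ends the section being read
        elif section == "overlay":
            if (m := CLSID_VALUE.match(line)):
                current["clsid"] = m[1]
            elif (m := FILE_LINE.match(line)):
                current["path"] = PureWindowsPath(m["path"])
        elif section == "run" and (m := RUN_VALUE.match(line)):
            runs.append({"name": m["name"], "path": PureWindowsPath(m["path"])})
    return overlays, runs


def product_dir(path):
    """Heuristic (assumption): the folder directly below 'Program Files' is the product."""
    parts = path.parts
    for i, part in enumerate(parts):
        if part.lower().startswith("program files") and i + 1 < len(parts) - 1:
            return PureWindowsPath(*parts[: i + 2])
    return path.parent


def correlate(crash, overlays, runs):
    """Link the faulting module to the entries that load it or ship with it."""
    module = crash["module_path"]
    product = product_dir(module)
    code = crash["exception_code"]
    return {
        "exception": EXCEPTIONS.get(code, hex(code)),
        # Icon overlay handlers run inside explorer.exe; PureWindowsPath compares case-insensitively.
        "loaded_by_explorer": [o["name"] for o in overlays if o["path"] == module],
        "same_product_autostarts": [r["name"] for r in runs if product in r["path"].parents],
    }


if __name__ == "__main__":
    print(correlate(parse_crash(CRASH_EXCERPT), *parse_autostarts(COMBOFIX_EXCERPT)))
```
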

jaro3
Security team member

Re: CTRL C not working, Windows Explorer error. VIRUS?

Post by jaro3 » 06 Jul 2016 23:19

Check whether all the listed files are there.

Download and install WhoCrashed,
open it and click Analyze.
The program will create a report; copy all of it and paste it here, please.

After ComboFix, also do this:

Download OTL by OldTimer
to your desktop. Make sure you have all other windows closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan can take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

buten
newcomer

Re: CTRL C not working, Windows Explorer error. VIRUS?

Post by buten » 07 Jul 2016 21:08

When I ran ProcessExplorer as administrator, the system found all the processes, and only the one mentioned shows a detection of 1/56 on virustotal. So that was my mistake. I will hopefully get to the rest tomorrow; unfortunately work and other things won't wait either :(

CDI report here:
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2016/07/07 21:06:23

-- Controller Map ----------------------------------------------------------
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- WDC WD6400BEVT-22A0RT0 ATA Device
+ ATA Channel 1 (1)
- Optiarc DVD RW AD-7585H ATA Device
- ATA Channel 2 (2) [ATA]
- ATA Channel 3 (3) [ATA]
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- ATA Channel 2 (2)
- ATA Channel 3 (3)
- ATA Channel 4 (4)
- ATA Channel 5 (5)

-- Disk List ---------------------------------------------------------------
(1) WDC WD6400BEVT-22A0RT0 : 640,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD6400BEVT-22A0RT0
----------------------------------------------------------------------------
Model : WDC WD6400BEVT-22A0RT0
Firmware : 01.01A01
Serial Number : WD-WXG1A2020924
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 7223 hod.
Power On Count : 3354 krát
Temperature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : 80FEh [OFF]
Drive Letter : C: E:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 187 152 _21 000000000659 Čas na roztočení ploten
04 _76 _76 __0 000000005F1F Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _91 _91 __0 000000001C37 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000D1A Počet cyklů zapnutí zařízení
BF __1 __1 __0 000000000C20 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000021 Počet vypnutí disku
C1 _39 _39 __0 00000007691E Počet cyklů načítání/vymazání
C2 111 _96 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů


jaro3
Security team member

Re: CTRL C not working, Windows Explorer error. VIRUS?

Post by jaro3 » 08 Jul 2016 09:07

1/56 -- that looks like the file is clean..

000000000659 Čas na roztočení ploten
000000000682 Čas na roztočení ploten
The value is changing quickly; possibly a problem with the disk, its motor, its control, the bearings.

buten
newcomer

Re: CTRL C not working, Windows Explorer error. VIRUS?

Post by buten » 08 Jul 2016 15:08

This is definitely not a disk problem, but a problem with some EgisTec Win locker software for Acer notebooks...
By the way, after ComboFix finished (after the PC restart) I could not start applications (Word, Google Chrome.. I did not try others). It showed the message: Pokus použít neplatnou operaci na klíč registru, který je označen pro odstranění. So I restarted it and for now this works again...
Does anyone know how to read the Explorer error report? I would send the file from the CrashDumps folder...
I saw advice here on the forum from the user MiliNess; I wrote him a message, but he has not logged in since March :(


ComboFix log after running that Script.txt
ComboFix 16-06-30.01 - Petr Hadraba 08.07.2016 14:23:04.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4091.2616 [GMT 2:00]
Spuštěný z: c:\users\Petr Hadraba\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr Hadraba\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3113488174-3376333742-618151166-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3113488174-3376333742-618151166-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.30.3\goopdate.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.30.3\psmachine.dll
c:\program files (x86)\Google\Update\1.3.30.3\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.30.3\psuser.dll
c:\program files (x86)\Google\Update\1.3.30.3\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.30.3\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{C8D9F187-1AF1-402C-9D1B-77CF4D502389}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.7619.1252\GoogleToolbarInstaller_updater_signed.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\GoogleCrashHandler.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\GoogleUpdate.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateBroker.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateComRegisterShell64.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateHelper.msi
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateSetup.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateWebPlugin.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdate.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_am.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_ar.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_bg.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_bn.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_ca.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_cs.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_da.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_de.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_el.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_en-GB.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_en.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_es-419.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_es.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_et.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_fa.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_fi.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_fil.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_fr.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_gu.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_hi.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_hr.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_hu.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_id.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_is.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_it.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_iw.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_ja.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_kn.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_ko.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_lt.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_lv.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_ml.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_mr.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_ms.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_nl.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_no.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_pl.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_pt-BR.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_pt-PT.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_ro.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_ru.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_sk.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_sl.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_sr.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_sv.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_sw.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_ta.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_te.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_th.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_tr.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_uk.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_ur.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_vi.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_zh-CN.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\goopdateres_zh-TW.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\psmachine.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\psmachine_64.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\psuser.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll
c:\users\Petr Hadraba\AppData\Local\Google\Update\Download\{2E361CAC-298E-43DB-807A-C27500842D54}\GoogleUpdateSetup.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.30.3\GoogleUpdateSetup.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\51.0.2704.103\51.0.2704.103_51.0.2704.84_chrome_updater.exe
c:\users\Petr Hadraba\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-06-08 do 2016-07-08 )))))))))))))))))))))))))))))))
.
.
2016-07-08 12:32 . 2016-07-08 12:32 -------- d-----w- c:\users\Lenka Hadrabová\AppData\Local\temp
2016-07-06 09:22 . 2016-07-06 09:22 -------- d-----w- C:\ProcessExplorer
2016-07-06 09:18 . 2016-07-06 09:18 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-07-06 09:15 . 2016-07-06 09:15 -------- d-----w- c:\users\Petr Hadraba\.oracle_jre_usage
2016-07-06 09:15 . 2016-07-06 09:14 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-07-06 09:14 . 2016-07-06 09:14 -------- d-----w- c:\programdata\Oracle
2016-07-06 09:13 . 2016-07-06 09:13 -------- d-----w- c:\program files\Java
2016-07-05 21:04 . 2016-07-05 21:04 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-07-04 15:17 . 2016-07-04 15:17 -------- d-----w- c:\users\Petr Hadraba\AppData\Local\GHISLER
2016-07-04 15:17 . 2016-07-04 15:17 -------- d-----w- c:\users\Petr Hadraba\AppData\Roaming\VitySoft kopie 4.7.2016
2016-07-04 14:54 . 2016-07-04 14:18 24064 ----a-w- c:\windows\zoek-delete.exe
2016-07-04 14:54 . 2016-07-08 12:38 -------- d-----w- c:\users\Petr Hadraba\AppData\Local\Temp
2016-07-04 14:18 . 2016-07-04 14:45 -------- d-----w- C:\zoek_backup
2016-07-04 12:11 . 2016-07-07 19:36 -------- d-----w- c:\users\Petr Hadraba\AppData\Local\CrashDumps
2016-07-04 10:50 . 2016-07-04 13:31 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-07-04 10:50 . 2016-07-04 10:50 -------- d-----w- c:\programdata\RogueKiller
2016-07-03 10:17 . 2016-07-04 10:17 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-07-03 10:16 . 2016-07-04 10:44 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-07-03 10:16 . 2016-07-03 10:16 -------- d-----w- c:\programdata\Malwarebytes
2016-07-03 10:16 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-07-03 10:16 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-07-03 10:16 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-07-03 10:15 . 2016-07-03 10:15 -------- d-----w- c:\users\Petr Hadraba\AppData\Local\Programs
2016-07-01 17:13 . 2016-07-04 09:19 -------- d-----w- C:\AdwCleaner
2016-06-22 21:12 . 2016-06-22 21:12 22704 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2016-06-15 13:33 . 2016-05-12 17:15 105472 ----a-w- c:\windows\system32\winipsec.dll
2016-06-15 13:32 . 2016-05-23 22:54 235216 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-12 17:14 . 2016-06-15 13:34 344064 ----a-w- c:\windows\system32\schannel.dll
2016-05-12 17:14 . 2016-06-15 13:34 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-05-12 15:18 . 2016-06-15 13:34 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-05-12 15:18 . 2016-06-15 13:34 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-04-14 13:49 . 2016-05-10 18:45 603648 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2016-04-14 13:21 . 2016-05-10 18:45 647680 ----a-w- c:\windows\system32\d3d10level9.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-12 39408]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"BatteryCare"="c:\program files (x86)\BatteryCare\BatteryCare.exe" [2015-06-21 797184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-24 588648]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-29 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"ICQ Lite"="c:\program files (x86)\ICQLite\ICQLite.exe" [2006-07-11 3144800]
"MimBoot"="c:\program files (x86)\Musicmatch\Musicmatch Jukebox\mimboot.exe" [2004-12-10 11776]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AVG_UI"="c:\program files (x86)\AVG\AVG2015\avuirunnerx.exe" [2016-05-12 25496]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-05-20 596504]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 1125152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Device Detector"="c:\program files (x86)\Common Files\ACD Systems\EN\DevDetect.exe" -autorun
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe"
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" -d
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys;c:\windows\SYSNATIVE\DRIVERS\Axtmvflt.sys [x]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys;c:\windows\SYSNATIVE\DRIVERS\Axtmvmdm.sys [x]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys;c:\windows\SYSNATIVE\Drivers\Axtmvprt.sys [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Obsah adresáře 'Naplánované úlohy'
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-06 860192]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: musicmatch.com
TCP: DhcpNameServer = 192.168.8.1 192.168.8.1
Name-Space Handler: ftp\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~2\DOWNLO~1\mdpph.dll
Name-Space Handler: http\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~2\DOWNLO~1\mdpph.dll
Name-Space Handler: https\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~2\DOWNLO~1\mdpph.dll
FF - ProfilePath - c:\users\Petr Hadraba\AppData\Roaming\Mozilla\Firefox\Profiles\0bpqrp9q.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Haihaisoft Universal Player - c:\program files (x86)\Haihaisoft Universal Player\Uninstall.exe
.
.
.
Celkový čas: 2016-07-08 14:46:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-07-08 12:46
ComboFix2.txt 2016-07-06 11:02
.
Před spuštěním: 4 226 052 096
Po spuštění: 4 384 153 600
.
- - End Of File - - 3A17F2F22F36C9D082B71E9684622B0E
A36C5E4F47E84449FF07ED3517B43A31


And the log from HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:02:35, on 8.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Musicmatch\Musicmatch Jukebox\MMDiag.exe
C:\Program Files (x86)\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\SysWOW64\ctfmon.exe
E:\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files (x86)\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [MimBoot] C:\Program Files (x86)\Musicmatch\Musicmatch Jukebox\mimboot.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avuirunnerx.exe" C:\Program Files (x86)\AVG\AVG2015\avgui.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BatteryCare] C:\Program Files (x86)\BatteryCare\BatteryCare.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files (x86)\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files (x86)\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files (x86)\ICQLite\ICQLite.exe
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10350 bytes

And also the log from aswMBR:
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-07-08 15:10:11
-----------------------------
15:10:11.716 OS Version: Windows x64 6.1.7601 Service Pack 1
15:10:11.716 Number of processors: 2 586 0x603
15:10:11.716 ComputerName: NOTEBOOK UserName:
15:10:16.646 Initialize success
15:10:16.771 VM: initialized successfully
15:10:16.771 VM: Amd CPU supported
15:10:43.755 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:10:43.771 Disk 0 Vendor: WDC_WD6400BEVT-22A0RT0 01.01A01 Size: 610480MB BusType: 11
15:10:43.927 Disk 0 MBR read successfully
15:10:43.927 Disk 0 MBR scan
15:10:43.942 Disk 0 Windows 7 default MBR code
15:10:43.942 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14339 MB offset 63
15:10:43.973 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 29366820
15:10:43.989 Disk 0 Boot: NTFS code=1
15:10:44.005 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 299111 MB offset 29575665
15:10:44.005 Disk 0 Partition - 00 0F Extended LBA 296926 MB offset 642156544
15:10:44.036 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 296925 MB offset 642158592
15:10:44.207 Disk 0 scanning C:\Windows\system32\drivers
15:10:59.511 Service scanning
15:11:49.509 Modules scanning
15:11:49.525 Disk 0 trace - called modules:
15:11:49.556 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
15:11:49.571 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800463d060]
15:11:49.587 3 CLASSPNP.SYS[fffff88000dcb43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80045fc060]
15:11:49.603 Disk 0 statistics 105911/0/0 @ 4,68 MB/s
15:11:49.603 Scan finished successfully
15:13:48.147 Disk 0 MBR has been saved successfully to "C:\Users\Petr Hadraba\Desktop\MBR.dat"
15:13:48.163 The log file has been saved successfully to "C:\Users\Petr Hadraba\Desktop\aswMBR.txt"
---------------------------------------------------------------------------------------------------------------------------------------------------------------

And also the report from WhoCrashed.
The odd thing there is that it found an error from 2014. Probably because the current errors are stored in a different directory; otherwise I don't know.
System Information (local)
--------------------------------------------------------------------------------

Computer name: NOTEBOOK
Windows version: Windows 7 Service Pack 1, 6.1, build: 7601
Windows dir: C:\Windows
Hardware: Aspire 5551G , Acer
CPU: AuthenticAMD AMD Athlon(tm) II P320 Dual-Core Processor AMD586, level: 16
2 logical processors, active mask: 3
RAM: 4289617920 bytes total

--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Mon 1.9.2014 15:11:18 GMT your computer crashed
crash dump file: C:\Windows\Minidump\090114-28922-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x75BC0)
Bugcheck code: 0xA (0xF00408028, 0x2, 0x0, 0xFFFFF8000327367A)
Error: IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that Microsoft Windows or a kernel-mode driver accessed paged memory at DISPATCH_LEVEL or above.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

One crash dump has been found and analyzed. No offending third party drivers have been found. Connsider using WhoCrashed Professional which offers more detailed analysis using symbol resolution. Also configuring your system to produce a full memory dump may help you.


Re: CTRL C not working, Windows Explorer error. VIRUS?

Post by jaro3 » 09 Jul 2016 09:32

Close other applications and browsers, disconnect from the internet and fix these in HJT:
Guide


O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files (x86)\ICQLite\ICQLite.exe -trayboot


ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to launch Delfix.exe
(On Windows Vista, Windows 7 and 8 you must launch the file via right-click -> Run as administrator.)
In the main menu, tick these options: Remove desinfection tools, Purge System Restore
Then click Run and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt

Run CDI once more.

Download Memtest:

The field that says:
All unused RAM - leave it as it is.
- click Start and let it run for at least 2 hours; if there are still 0 errors after 2 hours, the RAM is fine.

MiliNess is probably no longer here.. start a topic in this section:
viewforum.php?f=118

Please download the appropriate version (32-bit/64-bit) of Farbar Recovery Scan Tool (FRST) for your system
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and will be saved on the desktop. Please copy their entire contents here.


Re: CTRL C not working, Windows Explorer error. VIRUS?

Post by buten » 11 Jul 2016 12:58

Two more logs from OTL
Extras.txt
OTL Extras logfile created on: 7/11/2016 11:59:53 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr Hadraba\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18349)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 2.53 Gb Available Physical Memory | 63.40% Memory free
6.83 Gb Paging File | 5.18 Gb Available in Paging File | 75.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292.10 Gb Total Space | 4.13 Gb Free Space | 1.41% Space Free | Partition Type: NTFS
Drive E: | 289.97 Gb Total Space | 4.70 Gb Free Space | 1.62% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK | User Name: Petr Hadraba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.AFZADOI2MLBGPEHRVSGURUIBG4] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\6.0\ACDSee6.exe" "%1" (ACD Systems Ltd.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\6.0\ACDSee6.exe" "%1" (ACD Systems Ltd.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A2C0E15-53C7-4EF0-B5A4-18D0F2686115}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{50C1D100-53CE-4ACD-A3D8-0501E7413698}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{C4D97865-B8CA-4602-8ACC-C8C97B0374FC}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0291E628-716F-4DE8-AB7A-F53C37558ECB}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{09D186CA-3AFA-4A41-AC7C-D59BC6B57C57}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{0FF9E515-F3C9-4A46-AE78-E31050F1C85C}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{15A4910B-45B9-4362-95F0-0C66287CA45D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{179668B9-E4DB-4DEC-8BD6-17066A4695BE}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{1A8726C0-70F9-4CC8-AA7F-CA42FD31521F}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{1FFAA89A-E51C-422F-B0A6-F55C88CD7C2D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{2E5174F3-CA61-4592-807D-6FAB75683D29}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{3D61A5A0-0975-4DD5-9210-350BD8644807}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{415C5195-73BE-40E3-9494-C0C2F6E71BEE}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{46314E5E-E561-423C-B6A5-8EA4297C4D45}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{4714420C-5C8B-4C0D-A166-6389215D2F14}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{4A86EADD-BB86-4E4F-8C4E-6BC366B61EE7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5959541A-2D49-4247-8E44-732A22ED189E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{6A0DCB75-E7F3-4281-B121-1640C3D46D58}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{9BF724CF-9525-49F2-82DA-34C636DD8AF6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{9EC681BF-27E5-4EFC-9F3B-6F3C6A540289}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{A1C1BEA2-AB23-4C10-8DB7-865D2B8D70E6}" = protocol=6 | dir=in | app=c:\users\petr hadraba\appdata\local\google\chrome\application\chrome.exe |
"{ADBAEFE3-B90D-44BD-B7ED-929CB0685ED9}" = protocol=17 | dir=in | app=c:\users\petr hadraba\appdata\local\google\chrome\application\chrome.exe |
"{AF576CC8-B3D6-4BCA-9433-6408F0E4B3CE}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{AF88D037-106F-4514-9284-C6A493150E8A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{B6E173DC-14F6-4CA8-B539-B344FA768B99}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{D3A99F93-D3B9-4F1A-825E-F072DDE0AFB6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DC414CD4-FD99-47A8-B7F7-23B41489A0E5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{DCD41949-C9FF-4C5C-80BD-D676E3AE6444}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{DDF0C737-7ACF-4B5B-93F1-8EE4CDFD1895}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F5FA35E1-1D93-40C4-B774-351635E16EEB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"TCP Query User{151D7749-1AAE-49DB-BB7C-C0C896F50896}E:\hry\aoe2\empires2.exe" = protocol=6 | dir=in | app=e:\hry\aoe2\empires2.exe |
"TCP Query User{180241B9-00BD-4E7C-A8BA-D3051A706E98}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{31CD8BA2-49EC-48D9-A44D-6F34A043FF8C}E:\hry\aoe2\empires2.exe" = protocol=6 | dir=in | app=e:\hry\aoe2\empires2.exe |
"TCP Query User{8A5FC9E1-DE5E-41DC-9B59-AFF27F156EA9}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{9B1C59B4-5056-434C-8654-344E573942E5}C:\hry\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=c:\hry\shift 2 unleashed\shift2u.exe |
"TCP Query User{9C725977-7AC0-4319-966A-959152059706}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{C2237E5D-ED2F-47E0-9B15-600A9D6F0C34}C:\program files (x86)\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icqlite\icqlite.exe |
"TCP Query User{C3C43C5A-C80C-4CDB-95AE-AF3D68B6853D}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{E24B0CF1-E06A-45A6-8A8F-8F9414134CA5}D:\easysetupassistant\wr720n\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\wr720n\easysetupassistant.exe |
"TCP Query User{E6BA0B3C-BFCC-4EA1-93DF-DD4E54B695C5}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{F9A76FA9-B9E7-4F3F-8EFF-91D8D5EE555A}C:\program files (x86)\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icqlite\icqlite.exe |
"UDP Query User{34BE933C-5528-4010-915F-D66158E0742E}C:\program files (x86)\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icqlite\icqlite.exe |
"UDP Query User{366B9FC1-F61F-4283-BD22-63818DDD3DB9}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{4471622D-5F5E-4171-B6AA-8F65850949A1}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{626F4F49-5CB0-438E-9296-CDC9DBC34D5C}D:\easysetupassistant\wr720n\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\wr720n\easysetupassistant.exe |
"UDP Query User{6FE6A969-7267-4077-88BB-CE3BB705B29A}E:\hry\aoe2\empires2.exe" = protocol=17 | dir=in | app=e:\hry\aoe2\empires2.exe |
"UDP Query User{727352A7-0CDB-48F2-ABA0-3F2CC59AC036}E:\hry\aoe2\empires2.exe" = protocol=17 | dir=in | app=e:\hry\aoe2\empires2.exe |
"UDP Query User{865A68B3-C242-4DE8-9591-3D5982B92B2A}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{8F3F8651-50C9-4B01-B457-83AE2F563E89}C:\program files (x86)\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icqlite\icqlite.exe |
"UDP Query User{ABCC2153-B230-4F8F-AB30-C8E46004E00F}C:\hry\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=c:\hry\shift 2 unleashed\shift2u.exe |
"UDP Query User{CB574ABC-FFC6-42A2-A093-06CC0A42312B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{EC7F093A-1BC3-428E-B516-CD69E9A64404}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07953AD5-7789-494F-8460-C3C5433FD5DA}" = AVG 2015
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{26A24AE4-039D-4CA4-87B4-2F86418091F0}" = Java 8 Update 91 (64-bit)
"{3B20226B-63ED-B863-B224-FE40401B21CA}" = ATI Catalyst Install Manager
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1
"{C070F278-F917-481A-8CFF-7DD6B928AFA8}" = AVG 2015
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EEB06ECB-38F0-68CD-B215-94D50914C0F8}" = ccc-utility64
"{F4AE51B6-81F6-4FE6-BEDF-449A4E6A5F3F}" = What'sBest! 64-bit
"AVG" = AVG 2015
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WhoCrashed_is1" = WhoCrashed 5.52

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01868E82-DA4F-BFF8-45CF-9B1CAE8810D9}" = Catalyst Control Center Core Implementation
"{01CC7DB7-909B-E630-A44A-8118036CAF3C}" = CCC Help Korean
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{07367450-E3E6-B4A1-E19C-A07429026680}" = CCC Help Swedish
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{11581B7A-E460-4078-894B-978249254D71}" = Fort Boyard - le jeu
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C42AA63-B354-56AF-69CA-FA73285368BE}" = CCC Help German
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1FFDACFC-898C-FC99-0140-AE2FC18B710E}" = Catalyst Control Center Graphics Full New
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{268E2A87-470B-118B-B3AD-6F2615B86623}" = CCC Help Greek
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3601754A-C72B-E4B3-CE39-78CCD0B58DC9}" = CCC Help Russian
"{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}" = ACDSee 6.0 PowerPack
"{3A69B28B-6E44-E512-C395-EEDCB5BCB485}" = CCC Help Danish
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BA616F8-F969-4DE7-0C85-35BE954DDB8A}" = CCC Help Hungarian
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3EED6569-D845-F8D1-9648-84729711590E}" = CCC Help Italian
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A41156A-0669-F7B5-B24C-5E25C69F1E68}" = CCC Help Turkish
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{63ADFC07-D92A-670C-3826-BB0C9CC41D8A}" = CCC Help Polish
"{6488561D-83C8-6987-6163-744E60680139}" = CCC Help Japanese
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{69CA5A5F-7541-5216-6433-DE69E4245116}" = Catalyst Control Center Graphics Light
"{69F214C9-507D-7EB5-FF08-926CFD0D5EC6}" = Catalyst Control Center Localization All
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{762CB899-DF14-EB84-78F5-888C83AA7DC3}" = Catalyst Control Center Graphics Previews Common
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83E4C065-91B9-20DD-74DA-90A71242CE18}" = CCC Help Norwegian
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{8AEAE107-B186-4EA8-5F84-3AAA3158FEB1}" = CCC Help Chinese Standard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0405-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Czech) 2007
"{90120000-0017-0405-0000-0000000FF1CE}_OMUI.cs-cz_{13E6D9FD-5FE8-43A6-9874-515A50909DEF}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}_OMUI.cs-cz_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.cs-cz_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.cs-cz_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}_OMUI.cs-cz_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_OMUI.cs-cz_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}_OMUI.cs-cz_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2007
"{90120000-0100-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2007
"{90120000-0101-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{975B24AC-8CB7-B4E1-E666-37964657576E}" = CCC Help Chinese Traditional
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{99D7DE4C-2775-4B16-B155-7F09AE939E8E}" = Microsoft Works
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A45B7A40-694C-BAB8-EE69-4240ADFEA1FF}" = CCC Help Finnish
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AD768FF7-E329-886C-D88E-585F26BB8738}" = CCC Help Dutch
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B7908330-93A8-4DB1-B6EE-6B0446E26939}" = Voice Tracer
"{B8F5BACE-194E-0203-023E-2FFEF68EE290}" = CCC Help English
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C450D07C-3914-5481-A068-29975DA5C596}" = CCC Help French
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1" = BatteryCare 0.9.25.1
"{C9165CF3-A14D-A281-B62E-37312AA9E63D}" = CCC Help Spanish
"{D4E16961-E6FA-4689-AD09-3DB7E5770167}" = Catalyst Control Center InstallProxy
"{D6B1E149-790E-3B60-07F9-07A40ECAFBA0}" = Catalyst Control Center Graphics Full Existing
"{DBF91CC3-41F6-0D99-3D2D-686C59865652}" = ccc-core-static
"{DD49AC0F-E08A-F77D-AB38-2EE9CD5D8F0B}" = CCC Help Thai
"{DECEFADB-0486-6252-C312-49DDAC71DF33}" = CCC Help Portuguese
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{E9618350-E3C0-450b-828A-33EB3F5A941A}" = Jigs@w Puzzle 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7425F93-2071-A946-008A-6ACA60B43FB2}" = CCC Help Czech
"{FC635D8E-FFBA-4B2C-BE68-A37D56BDFB74}" = Catalyst Control Center - Branding
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BSPlayerf" = BS.Player FREE
"ConMet" = Connection Meter
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CrystalDiskInfo_is1" = CrystalDiskInfo 7.0.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"DownloadExpress" = MetaProducts Download Express
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Haihaisoft Universal Player" = Haihaisoft Universal Player
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQLite" = ICQ 5.1
"Identity Card" = Identity Card
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{F4AE51B6-81F6-4FE6-BEDF-449A4E6A5F3F}" = What'sBest!
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.1.1043
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OMUI.cs-cz" = Microsoft Office Language Pack 2007 - Czech/čeština
"Totalcmd" = Total Commander (Remove or Repair)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"XQXSetup_is1" = Xteq Systems X-Setup 6.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/6/2016 4:51:07 AM | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23418, časové
razítko: 0x570898dc Název chybujícího modulu: psdprotect.dll, verze: 3.1.206.0,
časové razítko: 0x4b664312 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000012db
ID
chybujícího procesu: 0xaf8 Čas spuštění chybující aplikace: 0x01d1d76321921063 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Program
Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll ID zprávy: c6c084c3-4356-11e6-880b-78e400f5c8aa

Error - 7/6/2016 5:32:51 AM | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: procexp64.exe, verze: 16.11.0.0, časové
razítko: 0x56aa559b Název chybujícího modulu: procexp64.exe, verze: 16.11.0.0, časové
razítko: 0x56aa559b Kód výjimky: 0xc0000417 Posun chyby: 0x00000000000b072d ID chybujícího
procesu: 0x12f4 Čas spuštění chybující aplikace: 0x01d1d768f1e4e42a Cesta k chybující
aplikaci: C:\Users\PETRHA~1\AppData\Local\Temp\procexp64.exe Cesta k chybujícímu
modulu: C:\Users\PETRHA~1\AppData\Local\Temp\procexp64.exe ID zprávy: 9b6c46c2-435c-11e6-880b-88ae1d076750

Error - 7/6/2016 7:13:06 AM | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23418, časové
razítko: 0x570898dc Název chybujícího modulu: psdprotect.dll, verze: 3.1.206.0,
časové razítko: 0x4b664312 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000012db
ID
chybujícího procesu: 0xb14 Čas spuštění chybující aplikace: 0x01d1d77693b7d333 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Program
Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll ID zprávy: 9cedaed6-436a-11e6-9e9b-88ae1d076750

Error - 7/6/2016 7:17:52 AM | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ACDSee6.exe, verze: 6.0.0.64, časové razítko:
0x3f70aaf7 Název chybujícího modulu: ACDSee6.exe, verze: 6.0.0.64, časové razítko:
0x3f70aaf7 Kód výjimky: 0xc0000005 Posun chyby: 0x00120960 ID chybujícího procesu:
0x1550 Čas spuštění chybující aplikace: 0x01d1d7779aede1b0 Cesta k chybující aplikaci:
C:\Program Files (x86)\ACD Systems\ACDSee\6.0\ACDSee6.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\ACD Systems\ACDSee\6.0\ACDSee6.exe ID zprávy: 46f3cb81-436b-11e6-9e9b-88ae1d076750

Error - 7/6/2016 8:48:00 AM | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23418, časové
razítko: 0x570898dc Název chybujícího modulu: psdprotect.dll, verze: 3.1.206.0,
časové razítko: 0x4b664312 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000012db
ID
chybujícího procesu: 0x147c Čas spuštění chybující aplikace: 0x01d1d77776a2e0fc Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Program
Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll ID zprávy: de89ab9e-4377-11e6-9e9b-88ae1d076750

Error - 7/6/2016 12:53:44 PM | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23418, časové
razítko: 0x570898dc Název chybujícího modulu: psdprotect.dll, verze: 3.1.206.0,
časové razítko: 0x4b664312 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000012db
ID
chybujícího procesu: 0x450 Čas spuštění chybující aplikace: 0x01d1d7a694a322ab Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Program
Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll ID zprávy: 32ebc6d5-439a-11e6-8b4b-88ae1d076750

Error - 7/7/2016 3:35:54 PM | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: procexp64.exe, verze: 16.11.0.0, časové
razítko: 0x56aa559b Název chybujícího modulu: procexp64.exe, verze: 16.11.0.0, časové
razítko: 0x56aa559b Kód výjimky: 0xc0000417 Posun chyby: 0x00000000000b072d ID chybujícího
procesu: 0x1474 Čas spuštění chybující aplikace: 0x01d1d881ce2b4e0d Cesta k chybující
aplikaci: C:\Users\PETRHA~1\AppData\Local\Temp\procexp64.exe Cesta k chybujícímu
modulu: C:\Users\PETRHA~1\AppData\Local\Temp\procexp64.exe ID zprávy: 04cc7c1e-447a-11e6-93d9-88ae1d076750

Error - 7/8/2016 9:16:15 AM | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23418, časové
razítko: 0x570898dc Název chybujícího modulu: psdprotect.dll, verze: 3.1.206.0,
časové razítko: 0x4b664312 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000012db
ID
chybujícího procesu: 0x974 Čas spuštění chybující aplikace: 0x01d1d91804d964d1 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Program
Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll ID zprávy: 257deff3-450e-11e6-bd41-88ae1d076750

Error - 7/9/2016 6:13:49 PM | Computer Name = Notebook | Source = Windows Search Service | ID = 3007
Description =

Error - 7/11/2016 5:57:22 AM | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23418, časové
razítko: 0x570898dc Název chybujícího modulu: psdprotect.dll, verze: 3.1.206.0,
časové razítko: 0x4b664312 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000012db
ID
chybujícího procesu: 0x9b8 Čas spuštění chybující aplikace: 0x01d1db550c74a804 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Program
Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll ID zprávy: dc6015ef-474d-11e6-8f2b-88ae1d076750

[ OSession Events ]
Error - 11/24/2011 3:02:08 PM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 31928
seconds with 7320 seconds of active time. This session ended with a crash.

Error - 5/8/2012 10:55:54 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12480
seconds with 9660 seconds of active time. This session ended with a crash.

Error - 5/20/2015 3:17:15 PM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/9/2016 8:16:41 AM | Computer Name = Notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\MxlW2k.SYS bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.

Error - 7/9/2016 8:23:39 AM | Computer Name = Notebook | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.

Error - 7/9/2016 6:05:50 PM | Computer Name = Notebook | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 7/11/2016 5:16:07 AM | Computer Name = Notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.

Error - 7/11/2016 5:16:07 AM | Computer Name = Notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\MxlW2k.SYS bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.

Error - 7/11/2016 5:16:08 AM | Computer Name = Notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.

Error - 7/11/2016 5:16:08 AM | Computer Name = Notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\MxlW2k.SYS bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.

Error - 7/11/2016 5:19:29 AM | Computer Name = Notebook | Source = Service Control Manager | ID = 7022
Description = Služba AVGIDSAgent přestala během spouštění reagovat.

Error - 7/11/2016 5:24:22 AM | Computer Name = Notebook | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.

Error - 7/11/2016 5:36:48 AM | Computer Name = Notebook | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.


< End of report >
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------

