Freeznutí ntb

[Dawood]

To myslíte normálně přes DVD s windowsama nebo nějak jinak?

[Rudy]

Startmenu>programy>příslušenství>systémové nástroje>obnovení systému.

[Dawood]

tam to nabízí jen dva dny zpět..a stímto problémem se potýkám již 5 dní.

[Rudy]

OK. Co jste instaloval těsně před tím, než se problém objevil?

[Dawood]

Naposledy se tam stahoval windows update,ale to pochybuju že to je tím,jinak jsem aktualizoval adobe reader a flash player

[Rudy]

Ty updaty by to dělat mohly. Na zkoušku je odinstalujte.

[Dawood]

Odinstaloval jsem adobe a žádnou změnu jsem nezaznamenal.

[Rudy]

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

[Dawood]

ComboFix 13-05-21.01 - Speciální školy 21.05.2013 19:52:57.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3959.2870 [GMT 2:00]
Spuštěný z: c:\users\SpecißlnÝ Ükoly\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-21 do 2013-05-21 )))))))))))))))))))))))))))))))
.
.
2013-05-21 17:57 . 2013-05-21 17:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-21 17:34 . 2013-05-21 17:34 -------- d-----w- C:\cb6eb44f003fb3cc5c85e8a9
2013-05-21 17:26 . 2013-05-21 17:26 -------- d-----w- C:\fea74d7f72cc914381719f5d252256
2013-05-20 20:47 . 2013-05-13 23:48 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9CE393E8-16A4-4E6A-A8E7-53A393C6F05A}\mpengine.dll
2013-05-20 20:28 . 2013-05-20 20:28 -------- d-----w- C:\a6fbdfa5050a88fe5e6040880be5d1
2013-05-20 20:24 . 2013-05-21 17:48 -------- d-----w- c:\windows\system32\wbem\repository
2013-05-20 18:56 . 2013-05-20 20:19 -------- d-----w- C:\0081ae185326d1fa39
2013-05-20 18:14 . 2013-05-20 20:19 -------- d-----w- C:\e137a6328c7758f872e8
2013-05-20 11:51 . 2013-05-20 20:19 -------- d-----w- c:\program files\trend micro
2013-05-20 11:35 . 2013-05-20 20:19 -------- d-----w- C:\e0d0010b33ed6a872a
2013-05-19 13:35 . 2013-05-20 20:19 -------- d-----w- C:\3cb4926896905ecf320a5571f3
2013-05-18 13:51 . 2013-05-18 13:51 -------- d-----w- c:\program files\AVAST Software
2013-05-18 13:27 . 2013-05-18 13:51 -------- d-----w- c:\programdata\AVAST Software
2013-05-18 12:03 . 2013-05-18 12:03 -------- d-----w- c:\users\Speciální školy\AppData\Roaming\SUPERAntiSpyware.com
2013-05-18 12:03 . 2013-05-18 12:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-05-18 12:02 . 2013-05-18 12:02 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-05-18 10:00 . 2013-05-20 20:19 -------- d-----w- C:\812db613a0723d47d192
2013-05-18 08:30 . 2013-05-20 20:19 -------- d-----w- C:\83744bc3f5b23b3d34beccd9
2013-05-18 08:15 . 2013-05-18 08:15 -------- d-----w- c:\users\Speciální školy\AppData\Roaming\Hard Disk Sentinel
2013-05-18 08:15 . 2013-05-18 08:23 -------- d-----w- c:\program files (x86)\Hard Disk Sentinel
2013-05-17 21:24 . 2013-05-20 20:19 -------- d-----w- C:\c72d9587eb592fec49b114cfb238a0c2
2013-05-17 18:23 . 2013-05-20 20:19 -------- d-----w- C:\1f6a87805befcf2f2ce169d71764e09f
2013-05-17 18:17 . 2013-05-20 20:19 -------- d-----w- C:\54bda247fd81e430bac4138a6d
2013-05-17 18:10 . 2013-05-20 20:19 -------- d-----w- C:\619ff730615f049b0e48
2013-05-17 18:01 . 2013-05-20 20:19 -------- d-----w- C:\c918ad218c0921eaa632
2013-05-17 17:53 . 2013-05-20 20:19 -------- d-----w- C:\d5ff00ceae4a7eddc71037fd861a
2013-05-17 17:48 . 2013-05-20 20:19 -------- d-----w- C:\75c8c3e5c708a070d72b3287e553
2013-05-17 17:34 . 2013-05-20 20:19 -------- d-----w- C:\f7e2a5a24e39f5e89b6689a877be2ecf
2013-05-17 15:43 . 2013-05-20 20:19 -------- d-----w- C:\587e42601e66c500e9
2013-05-17 15:18 . 2013-05-20 20:19 -------- d-----w- C:\0255c27492d5797e5f72a5
2013-05-17 04:54 . 2013-05-20 20:19 -------- d-----w- C:\5adb0f0af716180e18441e
2013-05-16 18:59 . 2013-05-20 20:19 -------- d-----w- C:\4a9184a9334e6c55f0a431
2013-05-16 17:25 . 2013-05-20 20:19 -------- d-----w- C:\52445f9054bbfef1ab73e1
2013-05-16 13:41 . 2013-05-20 20:19 -------- d-----w- C:\9aa920b1789a4371e71bba
2013-05-16 13:35 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-16 13:35 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-16 13:35 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-16 13:33 . 2013-04-05 01:19 10926080 ----a-w- c:\windows\system32\ieframe.dll
2013-05-16 13:31 . 2013-05-16 13:31 -------- d-----w- c:\programdata\Arcade Lab
2013-04-30 08:23 . 2013-04-30 08:23 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation
2013-04-24 18:35 . 2013-04-24 18:35 -------- d-----w- c:\windows\SysWow64\searchplugins
2013-04-24 18:35 . 2013-04-24 18:35 -------- d-----w- c:\windows\SysWow64\Extensions
2013-04-24 12:10 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-12 08:44 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2013-01-06 15:08 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-10 11:48 . 2013-01-06 16:29 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-19 06:04 . 2013-04-10 11:16 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 11:16 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 11:16 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 11:16 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 11:16 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 11:16 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-01 03:36 . 2013-04-10 11:17 3153408 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-15 5622512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
.
c:\users\Speciální školy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Registrace NHL™ 09.lnk - c:\program files (x86)\EA Sports\NHL 09\Support\EAregister.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~3\BROWSE~1\261249~1.132\{C16C1~1\BrowserProtect.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 203264]
R2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-03-22 2787280]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
R2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-06 1255736]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-07 143088]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 12:03]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 12:03]
.
2013-05-18 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 5e03ff43-c80a-42f3-ac3b-308b7ee39f0d.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-07 22:37]
.
2013-05-18 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 935d397a-30d9-4369-b1dc-6b320c0f013b.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-07 22:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119816&babs ... 0F6E7C76ED
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5742g&r=273601138875l0434z1j5v4772269o
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5742g&r=273601138875l0434z1j5v4772269o
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 82.100.29.65 212.24.128.8
FF - ProfilePath - c:\users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe
Wow6432Node-HKCU-Run-Seznam.chromeUpdatePref - c:\users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-05-21 20:00:14
ComboFix-quarantined-files.txt 2013-05-21 18:00
.
Před spuštěním: Volných bajtů: 266 337 378 304
Po spuštění: Volných bajtů: 266 589 278 208
.
- - End Of File - - 5634A43CB6517F3B7C28948C3F66CB78

[Rudy]

Ještě dočistíme. Přesuňte ComboFix na kořenový adresář c:\. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte rovněž na kořenový adresář c:\ jako CFScript.txt. Pak jej myší v průzkumníku windows (nebo jiném souborovém manažeru) přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[Dawood]

ComboFix 13-05-21.01 - Speciální školy 21.05.2013 21:01:15.2.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3959.3089 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-21 do 2013-05-21 )))))))))))))))))))))))))))))))
.
.
2013-05-21 17:34 . 2013-05-21 17:34 -------- d-----w- C:\cb6eb44f003fb3cc5c85e8a9
2013-05-21 17:26 . 2013-05-21 17:26 -------- d-----w- C:\fea74d7f72cc914381719f5d252256
2013-05-20 20:47 . 2013-05-13 23:48 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9CE393E8-16A4-4E6A-A8E7-53A393C6F05A}\mpengine.dll
2013-05-20 20:28 . 2013-05-20 20:28 -------- d-----w- C:\a6fbdfa5050a88fe5e6040880be5d1
2013-05-20 20:24 . 2013-05-21 19:04 -------- d-----w- c:\windows\system32\wbem\repository
2013-05-20 18:56 . 2013-05-20 20:19 -------- d-----w- C:\0081ae185326d1fa39
2013-05-20 18:14 . 2013-05-20 20:19 -------- d-----w- C:\e137a6328c7758f872e8
2013-05-20 11:51 . 2013-05-20 20:19 -------- d-----w- c:\program files\trend micro
2013-05-20 11:35 . 2013-05-20 20:19 -------- d-----w- C:\e0d0010b33ed6a872a
2013-05-19 13:35 . 2013-05-20 20:19 -------- d-----w- C:\3cb4926896905ecf320a5571f3
2013-05-18 13:51 . 2013-05-18 13:51 -------- d-----w- c:\program files\AVAST Software
2013-05-18 13:27 . 2013-05-18 13:51 -------- d-----w- c:\programdata\AVAST Software
2013-05-18 12:03 . 2013-05-18 12:03 -------- d-----w- c:\users\Speciální školy\AppData\Roaming\SUPERAntiSpyware.com
2013-05-18 12:03 . 2013-05-18 12:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-05-18 12:02 . 2013-05-18 12:02 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-05-18 10:00 . 2013-05-20 20:19 -------- d-----w- C:\812db613a0723d47d192
2013-05-18 08:30 . 2013-05-20 20:19 -------- d-----w- C:\83744bc3f5b23b3d34beccd9
2013-05-18 08:15 . 2013-05-18 08:15 -------- d-----w- c:\users\Speciální školy\AppData\Roaming\Hard Disk Sentinel
2013-05-18 08:15 . 2013-05-18 08:23 -------- d-----w- c:\program files (x86)\Hard Disk Sentinel
2013-05-17 21:24 . 2013-05-20 20:19 -------- d-----w- C:\c72d9587eb592fec49b114cfb238a0c2
2013-05-17 18:23 . 2013-05-20 20:19 -------- d-----w- C:\1f6a87805befcf2f2ce169d71764e09f
2013-05-17 18:17 . 2013-05-20 20:19 -------- d-----w- C:\54bda247fd81e430bac4138a6d
2013-05-17 18:10 . 2013-05-20 20:19 -------- d-----w- C:\619ff730615f049b0e48
2013-05-17 18:01 . 2013-05-20 20:19 -------- d-----w- C:\c918ad218c0921eaa632
2013-05-17 17:53 . 2013-05-20 20:19 -------- d-----w- C:\d5ff00ceae4a7eddc71037fd861a
2013-05-17 17:48 . 2013-05-20 20:19 -------- d-----w- C:\75c8c3e5c708a070d72b3287e553
2013-05-17 17:34 . 2013-05-20 20:19 -------- d-----w- C:\f7e2a5a24e39f5e89b6689a877be2ecf
2013-05-17 15:43 . 2013-05-20 20:19 -------- d-----w- C:\587e42601e66c500e9
2013-05-17 15:18 . 2013-05-20 20:19 -------- d-----w- C:\0255c27492d5797e5f72a5
2013-05-17 04:54 . 2013-05-20 20:19 -------- d-----w- C:\5adb0f0af716180e18441e
2013-05-16 18:59 . 2013-05-20 20:19 -------- d-----w- C:\4a9184a9334e6c55f0a431
2013-05-16 17:25 . 2013-05-20 20:19 -------- d-----w- C:\52445f9054bbfef1ab73e1
2013-05-16 13:41 . 2013-05-20 20:19 -------- d-----w- C:\9aa920b1789a4371e71bba
2013-05-16 13:35 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-16 13:35 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-16 13:35 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-16 13:33 . 2013-04-05 01:19 10926080 ----a-w- c:\windows\system32\ieframe.dll
2013-05-16 13:31 . 2013-05-16 13:31 -------- d-----w- c:\programdata\Arcade Lab
2013-04-30 08:23 . 2013-04-30 08:23 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation
2013-04-24 18:35 . 2013-04-24 18:35 -------- d-----w- c:\windows\SysWow64\searchplugins
2013-04-24 18:35 . 2013-04-24 18:35 -------- d-----w- c:\windows\SysWow64\Extensions
2013-04-24 12:10 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-12 08:44 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2013-01-06 15:08 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-10 11:48 . 2013-01-06 16:29 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-19 06:04 . 2013-04-10 11:16 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 11:16 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 11:16 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 11:16 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 11:16 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 11:16 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-01 03:36 . 2013-04-10 11:17 3153408 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-15 5622512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
.
c:\users\Speciální školy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Registrace NHL™ 09.lnk - c:\program files (x86)\EA Sports\NHL 09\Support\EAregister.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-06 1255736]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-07 143088]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 203264]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-03-22 2787280]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-18 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 5e03ff43-c80a-42f3-ac3b-308b7ee39f0d.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-07 22:37]
.
2013-05-18 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 935d397a-30d9-4369-b1dc-6b320c0f013b.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-07 22:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119816&babs ... 0F6E7C76ED
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5742g&r=273601138875l0434z1j5v4772269o
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5742g&r=273601138875l0434z1j5v4772269o
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 82.100.29.65 212.24.128.8
FF - ProfilePath - c:\users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2013-05-21 21:09:08 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-21 19:09
ComboFix2.txt 2013-05-21 18:00
.
Před spuštěním: Volných bajtů: 266 642 685 952
Po spuštění: Volných bajtů: 266 666 414 080
.
- - End Of File - - 550D7FFFB0C081E184A6435950322A83

[Rudy]

Log je již OK. Nastala nějaká změna?

[Dawood]

K žádné změně nedošlo.

[Rudy]

Zkusíme kontrolu disku. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ a přes Úpravy>kopírovat sem dejte log.

[Dawood]

----------------------------------------------------------------------------
CrystalDiskInfo 5.6.1 Shizuku Edition (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2013/05/22 19:23:47

-- Controller Map ----------------------------------------------------------
+ Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
- Hitachi HTS545032B9A300
- PIONEER DVD-RW DVRTD10RS

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS545032B9A300 : 320,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS545032B9A300
----------------------------------------------------------------------------
Model : Hitachi HTS545032B9A300
Firmware : PB3OC60F
Serial Number : 100831PBP304D6D12VDM
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 7208 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 5023 hod.
Power On Count : 1986 krát
Temparature : 23 C (73 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 153 153 _33 001200000001 Čas na roztočení ploten
04 _99 _99 __0 000000000931 Počet spuštění/zastavení
05 _94 _94 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _89 _89 __0 00000000139F Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 __0 0000000007C2 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 0000000000B6 Počet vypnutí disku
C1 100 100 __0 000000001580 Počet cyklů načítání/vymazání
C2 239 239 __0 002F00060017 Teplota
C4 _94 _94 __0 0000000002DB Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000035 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3130 3038 3331 5042 5033 3034 4436 4431 3256 444D
020: 0003 3850 0004 5042 334F 4336 3046 4869 7461 6368
030: 6920 4854 5335 3435 3033 3242 3941 3330 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 0F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 005E 004C
080: 01FC 0028 746B 7F69 6163 7469 BC49 6163 407F 0034
090: 0035 4080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 0000 8848 5000 CCA6
110: 1FCE 9694 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0301 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 4001 0000
150: 8000 0000 334F 0000 0000 B193 75A2 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 02C7 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 A3A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 07 00 99 99 01
020: 00 00 00 12 00 00 04 12 00 63 63 31 09 00 00 00
030: 00 00 05 33 00 5E 5E 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 12 00 59 59 9F 13 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 63 63 C2 07 00 00 00 00 00 BF 0A 00 64 64 00
080: 00 00 00 00 00 00 C0 32 00 64 64 B6 00 00 00 00
090: 00 00 C1 12 00 64 64 80 15 00 00 00 00 00 C2 02
0A0: 00 EF EF 17 00 06 00 2F 00 00 C4 32 00 5E 5E DB
0B0: 02 00 00 00 00 00 C5 22 00 64 64 35 00 00 00 00
0C0: 00 00 C6 08 00 64 64 00 00 00 00 00 00 00 C7 0A
0D0: 00 C8 C8 00 00 00 00 00 00 00 DF 0A 00 64 64 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 85 02 01 5B
170: 03 00 01 00 02 6A 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 87

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 3E 00 00 00 00 00 00 00 00 00 00 02 28
010: 00 00 00 00 00 00 00 00 00 00 03 21 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 28 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DF 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89