Infected - please check (Solved)


Post by Knaak » 24 May 2017 07:55

I don't see resident protection in Malwarebytes. There is web protection, exploit protection, malware protection and ransomware protection.

C:\Program Files (x86)\IIS
C:\WINDOWS\SysWOW64\1111111
C:\Program Files (x86)\Ckernerghtconogh
C:\Insist
C:\WINDOWS\psgo
C:\Program Files\Z3PEORCXNX
C:\Program Files\EJR6DTYSMT
C:\Program Files\7L09Z802ED
C:\Program Files\VNO4GJ6EAX
C:\Program Files\TUH04HSRQT
C:\Program Files\ICFQ8EJIQP
C:\Program Files\EAMF23B5H9
C:\Program Files\9Y105WR5UM
do you know these programs/folders??

I don't know them, they mean nothing to me at all. KSMPico is already gone; I will legalize the system as soon as possible.

Post by Orcus (Security team member) » 24 May 2017 09:53


Post by Knaak » 24 May 2017 11:31

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-05-2017
Ran by Lukáš (24-05-2017 11:26:00) Run:1
Running from C:\Users\Lukáš\Desktop
Loaded Profiles: Lukáš (Available Profiles: defaultuser0 & Lukáš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-93891766-2264748017-560823220-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
S3 aswVmm; \??\C:\Users\LUK~1\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
C:\Users\Lukáš\AppData\Local\DBG
C:\ProgramData\DP45977C.lfl
Task: {6716EA93-6B23-4860-84D9-35E5E398D773} - \Jnchreodugh -> No File <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-93891766-2264748017-560823220-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\System\CurrentControlSet\Services\aswVmm => key could not remove, key could be protected
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
C:\Users\Lukáš\AppData\Local\DBG => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6716EA93-6B23-4860-84D9-35E5E398D773} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6716EA93-6B23-4860-84D9-35E5E398D773} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jnchreodugh => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35212013 B
Java, Flash, Steam htmlcache => 723 B
Windows/system/drivers => 357478 B
Edge => 0 B
Chrome => 0 B
Firefox => 373657594 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
defaultuser0 => 0 B
Lukáš => 5601019 B

RecycleBin => 0 B
EmptyTemp: => 405.6 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-05-2017 11:26:46)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswVmm => key could not remove, key could be protected

==== End of Fixlog 11:26:46 ====

Post by Knaak » 24 May 2017 11:31

System Information (local)
--------------------------------------------------------------------------------

Computer name: DESKTOP-NS1OFLJ
Windows version: Windows 10 , 10.0, build: 15063
Windows dir: C:\WINDOWS
Hardware: ASRock, B150 Gaming K4
CPU: GenuineIntel Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz Intel586, level: 6
4 logical processors, active mask: 15
RAM: 17110306816 bytes total




--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.

On Sun 21.05.2017 11:59:36 your computer crashed
crash dump file: C:\WINDOWS\Minidump\052117-3703-01.dmp
This was probably caused by the following module: aswmbr.sys (0xFFFFF80C2D9A95AE)
Bugcheck code: 0xD1 (0xFFFFDC005F30E010, 0xFF, 0x0, 0xFFFFF80C2D9A95AE)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswmbr.sys .
Google query: aswmbr.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Sun 21.05.2017 11:52:05 your computer crashed
crash dump file: C:\WINDOWS\Minidump\052117-3578-01.dmp
This was probably caused by the following module: aswmbr.sys (0xFFFFF80EAFFD95AE)
Bugcheck code: 0xD1 (0xFFFFC40156522010, 0xFF, 0x0, 0xFFFFF80EAFFD95AE)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswmbr.sys .
Google query: aswmbr.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Sun 21.05.2017 11:50:25 your computer crashed
crash dump file: C:\WINDOWS\Minidump\052117-3781-01.dmp
This was probably caused by the following module: aswmbr.sys (0xFFFFF803BC2295AE)
Bugcheck code: 0xD1 (0xFFFF9100F1722010, 0xFF, 0x0, 0xFFFFF803BC2295AE)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswmbr.sys .
Google query: aswmbr.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Sun 21.05.2017 11:48:35 your computer crashed
crash dump file: C:\WINDOWS\Minidump\052117-4000-01.dmp
This was probably caused by the following module: aswmbr.sys (0xFFFFF808758895AE)
Bugcheck code: 0xD1 (0xFFFF8281762A4010, 0xFF, 0x0, 0xFFFFF808758895AE)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswmbr.sys .
Google query: aswmbr.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL





--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

4 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

aswmbr.sys

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination with the errors that have been reported for these drivers. Include the brand and model name of your computer as well in the query. This often yields interesting results from discussions on the web by users who have been experiencing similar problems.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

Post by Knaak » 24 May 2017 11:33

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 15063] (x64)
Date : 2017/05/24 11:32:43

-- Controller Map ----------------------------------------------------------
+ Intel(R) 100 Series/C230 Chipset Family SATA AHCI Controller [ATA]
- Crucial_CT525MX300SSD1
- Crucial_CT256MX100SSD1
- ASUS DRW-24D5MT
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]
- ASRock 3TB+ Unlocker [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Crucial_CT525MX300SSD1 : 525,1 GB [0/0/2, pd1] - mi
(2) Crucial_CT256MX100SSD1 : 256,0 GB [1/0/4, pd1] - mi

----------------------------------------------------------------------------
(1) Crucial_CT525MX300SSD1
----------------------------------------------------------------------------
Model : Crucial_CT525MX300SSD1
Firmware : M0CR021
Serial Number : 163413BA7FC9
Disk Size : 525,1 GB (8,4/137,4/525,1/525,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1025610768
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 4
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 34 hod.
Power On Count : 181 krát
Host Writes : 1230 GB
Wear Level Count : 5
Temperature : 30 C (86 F)
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM, DevSleep
APM Level : 00FEh [ON]
AAM Level : ----
Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 __0 000000000000 Raw Read Error Rate
05 100 100 _10 000000000000 Reallocated NAND Blocks
09 100 100 __0 000000000022 Power On Hours
0C 100 100 __0 0000000000B5 Power Cycle Count
AB 100 100 __0 000000000000 Program Fail Count
AC 100 100 __0 000000000000 Erase Fail Count
AD 100 100 __0 000000000005 Average Block-Erase Count
AE 100 100 __0 000000000008 Unexpected Power Loss Count
B7 100 100 __0 000000000000 SATA Interface Downshift
B8 100 100 __0 000000000000 Error Correction Count
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
C2 _70 _54 __0 002E0011001E Temperature
C4 100 100 __0 000000000000 Reallocation Event Count
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Smart Off-line Scan Uncorrectable Error Count
C7 100 100 __0 000000000000 Ultra DMA CRC Error Rate
CA 100 100 __1 000000000000 Percent Lifetime Used
CE 100 100 __0 000000000000 Write Error Rate
F6 100 100 __0 000099C88E0F Total Host Sector Writes
F7 100 100 __0 000004CE7A96 Host Program Page Count
F8 100 100 __0 000002B583E9 Background Program Page Count
B4 __0 __0 __0 000000000780 Unused Reserve NAND Blocks
D2 100 100 __0 000000000000 Successful RAIN Recovery Count

----------------------------------------------------------------------------
(2) Crucial_CT256MX100SSD1
----------------------------------------------------------------------------
Model : Crucial_CT256MX100SSD1
Firmware : MU01
Serial Number : 14340D0BADB8
Disk Size : 256,0 GB (8,4/137,4/256,0/256,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 500118192
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 5809 hod.
Power On Count : 1147 krát
Host Writes : 6970 GB
Wear Level Count : 53
Temperature : 29 C (84 F)
Health Status : Dobrý (99 %)
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM, DevSleep
APM Level : 00FEh [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 __0 000000000000 Raw Read Error Rate
05 100 100 __0 000000000000 Reallocated NAND Blocks
09 100 100 __0 0000000016B1 Power On Hours
0C 100 100 __0 00000000047B Power Cycle Count
AB 100 100 __0 000000000000 Program Fail Count
AC 100 100 __0 000000000000 Erase Fail Count
AD _99 _99 __0 000000000035 Average Block-Erase Count
AE 100 100 __0 000000000020 Unexpected Power Loss Count
B4 __0 __0 __0 00000000086F Unused Reserve NAND Blocks
B7 100 100 __0 000000000000 SATA Interface Downshift
B8 100 100 __0 000000000000 Error Correction Count
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
C2 _71 _48 __0 00340011001D Temperature
C4 100 100 __0 000000000000 Reallocation Event Count
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Smart Off-line Scan Uncorrectable Error Count
C7 100 100 __0 000000000001 Ultra DMA CRC Error Rate
CA _99 _99 __0 000000000001 Percent Lifetime Used
CE 100 100 __0 000000000000 Write Error Rate
D2 100 100 __0 000000000000 Successful RAIN Recovery Count
F6 100 100 __0 00036744FFD1 Total Host Sector Writes
F7 100 100 __0 00000782B9FD Host Program Page Count
F8 100 100 __0 0000424CA3C7 Background Program Page Count


Post by jaro3 (Security team member) » 24 May 2017 19:59

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
C:\Program Files (x86)\IIS
C:\WINDOWS\SysWOW64\1111111
C:\Program Files (x86)\Ckernerghtconogh
C:\Insist
C:\WINDOWS\psgo
C:\Program Files\Z3PEORCXNX
C:\Program Files\EJR6DTYSMT
C:\Program Files\7L09Z802ED
C:\Program Files\VNO4GJ6EAX
C:\Program Files\TUH04HSRQT
C:\Program Files\ICFQ8EJIQP
C:\Program Files\EAMF23B5H9
C:\Program Files\9Y105WR5UM

EmptyTemp:
End

(You can use the "select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Download Memtest:

- Leave the field that says "All unused RAM" as it is.
- Press Start and let it run for at least 2 hours; if there are still 0 errors after 2 hours, the RAM modules are fine.
- For larger RAM capacities, Memtest has to be launched several times: for 2GB (the largest single RAM capacity) 2x, for 4GB 3x, for 8GB 4x, etc.

When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

Post by Knaak » 24 May 2017 21:52

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-05-2017
Ran by Lukáš (24-05-2017 21:47:55) Run:2
Running from C:\Users\Lukáš\Desktop
Loaded Profiles: Lukáš (Available Profiles: defaultuser0 & Lukáš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
C:\Program Files (x86)\IIS
C:\WINDOWS\SysWOW64\1111111
C:\Program Files (x86)\Ckernerghtconogh
C:\Insist
C:\WINDOWS\psgo
C:\Program Files\Z3PEORCXNX
C:\Program Files\EJR6DTYSMT
C:\Program Files\7L09Z802ED
C:\Program Files\VNO4GJ6EAX
C:\Program Files\TUH04HSRQT
C:\Program Files\ICFQ8EJIQP
C:\Program Files\EAMF23B5H9
C:\Program Files\9Y105WR5UM

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Program Files (x86)\IIS => moved successfully
C:\WINDOWS\SysWOW64\1111111 => moved successfully
C:\Program Files (x86)\Ckernerghtconogh => moved successfully
C:\Insist => moved successfully
C:\WINDOWS\psgo => moved successfully
C:\Program Files\Z3PEORCXNX => moved successfully
C:\Program Files\EJR6DTYSMT => moved successfully
C:\Program Files\7L09Z802ED => moved successfully
C:\Program Files\VNO4GJ6EAX => moved successfully
C:\Program Files\TUH04HSRQT => moved successfully
C:\Program Files\ICFQ8EJIQP => moved successfully
C:\Program Files\EAMF23B5H9 => moved successfully
C:\Program Files\9Y105WR5UM => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6509751 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 371233085 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
defaultuser0 => 0 B
Lukáš => 195231 B

RecycleBin => 0 B
EmptyTemp: => 370.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:47:59 ====




I will test the memory tomorrow.

Post by Knaak » 24 May 2017 22:05

The Memtest from your link did not work. I could not launch it. I downloaded MemTest64.v1.0 and it found 5 errors within a minute. Which is probably not good. Should I let the test run for several hours tomorrow?

Post by jaro3 (Security team member) » 24 May 2017 22:48

Well, that is a problem; it looks like a faulty RAM module or modules.

What about the problems?

Post by Knaak » 25 May 2017 20:30

So in the end I also ran the memtest from your link, except that instead of All unused RAM I had to enter 2047. The test ran for three hours with no errors. I will keep looking into it.

The problems are probably gone. The PC works correctly; I do not notice anything wrong.

Post by jaro3 (Security team member) » 25 May 2017 21:36

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to the desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must run the file with a right-click -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its job.

A report (DelFix.txt) will then open. Paste the entire content of the report here. The report is otherwise located at:
C:\DelFix.txt

If there are no problems, that is all, and you can mark the thread as solved (the green check mark).

Post by Knaak » 27 May 2017 11:45

# DelFix v1.013 - Logfile created 27/05/2017 at 11:42:13
# Updated 17/04/2016 by Xplode
# Username : Lukáš - DESKTOP-NS1OFLJ
# Operating System : Windows 10 Pro (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\Users\Lukáš\Desktop\FRST-OlderVersion
Deleted : C:\zoek-results.log
Deleted : C:\Users\Lukáš\Desktop\AdwCleaner.exe
Deleted : C:\Users\Lukáš\Desktop\aswmbr.exe
Deleted : C:\Users\Lukáš\Desktop\Fixlog.txt
Deleted : C:\Users\Lukáš\Desktop\FRST64.exe
Deleted : C:\Users\Lukáš\Desktop\JRT.exe
Deleted : C:\Users\Lukáš\Desktop\HijackThis.exe
Deleted : C:\Users\Lukáš\Desktop\RogueKiller_portable64.exe
Deleted : C:\Users\Lukáš\Desktop\zoek.exe
Deleted : C:\Users\Lukáš\Downloads\hijackthis.log
Deleted : C:\Users\Lukáš\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

