Prosím o kontrolu log z HJT a MBAM Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

JANíčOK
Level 3
Level 3
Příspěvky: 471
Registrován: červen 06
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod JANíčOK » 29 dub 2017 11:22

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Jan on 29.04.2017 at 10:24:01,06.
Microsoft Windows 10 Pro 10.0.15063 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Jan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29.04.2017 10:24:37 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\OSTotoSoft deleted successfully
C:\PROGRA~2\VS Revo Group deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow deleted successfully
C:\Users\Jan\AppData\Local\DBG deleted successfully
C:\Users\Jan\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\7ca6h9l3.default\prefs.js:

Added to C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\7ca6h9l3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2kdauin0.default\prefs.js:

Added to C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2kdauin0.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\OSTotoSoft not found
C:\PROGRA~2\VS Revo Group not found
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\7ca6h9l3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2kdauin0.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [26.07.2016 23:08]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2kdauin0.default
5971E6AA5ED20C181395D8E91AFC49A4 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll - Shockwave Flash
C882C5B8E90780C14E44F5ACA4350B46 - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL - Microsoft Office 2016
041B820C32F477625295F176FF6E4335 - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2016


==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Jan\AppData\Local\Mozilla\Firefox\Profiles\2kdauin0.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=24 21681387 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Jan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 29.04.2017 at 11:10:30,26 ======================

Reklama
JANíčOK
Level 3
Level 3
Příspěvky: 471
Registrován: červen 06
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod JANíčOK » 29 dub 2017 11:23

Zemana AntiMalware 2.72.2.388 (inštalačná verzia)

-------------------------------------------------------
Scan Result : Dokončené
Scan Date : 2017.4.29
Operating System : Windows 10 64-bit
Processor : 4X AMD Phenom(tm) II X4 965 Processor
BIOS Mode : Legacy
CUID : 12984FED787E6EC895727F
Scan Type : Kontrola systému
Duration : 5m 14s
Scanned Objects : 46489
Detected Objects : 6
Excluded Objects : 0
Read Level : Normal
Auto Upload : Zapnuté
Detect All Extensions : Vypnuté
Scan Documents : Vypnuté
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Firefox Search
Status : Skontrolované
Object : Zoznam - http://zoznam.sk
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podozrivé nastavenie prehliadača
Cleaning Action : Opraviť
Related Objects :
Nastavenie prehliadača - Firefox Search

Firefox Search
Status : Skontrolované
Object : Slovnik.sk (EN-SK) - http://slovnik.azet.sk
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podozrivé nastavenie prehliadača
Cleaning Action : Opraviť
Related Objects :
Nastavenie prehliadača - Firefox Search

Firefox Search
Status : Skontrolované
Object : Dunaj - http://dunaj.sk
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podozrivé nastavenie prehliadača
Cleaning Action : Opraviť
Related Objects :
Nastavenie prehliadača - Firefox Search

Firefox Search
Status : Skontrolované
Object : Atlas - http://atlas.sk
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podozrivé nastavenie prehliadača
Cleaning Action : Opraviť
Related Objects :
Nastavenie prehliadača - Firefox Search

Firefox Search
Status : Skontrolované
Object : Azet - http://azet.sk
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podozrivé nastavenie prehliadača
Cleaning Action : Opraviť
Related Objects :
Nastavenie prehliadača - Firefox Search

vr_br111_lh_el_de_en_v1.exe
Status : Skontrolované
Object : %userprofile%\downloads\ts2015_downloads\vr_br111_lh_el_de_en_v1.exe
MD5 : 5861958E4B7D5F94105AC74D29626DDF
Publisher : -
Size : 282624
Version : 2.0.0.43
Detection : Malware:Win32/Cardunia.A!Atee
Cleaning Action : Karanténa
Related Objects :
Súbor - %userprofile%\downloads\ts2015_downloads\vr_br111_lh_el_de_en_v1.exe


Cleaning Result
-------------------------------------------------------
Cleaned : 6
Reported as safe : 0
Failed : 0

JANíčOK
Level 3
Level 3
Příspěvky: 471
Registrován: červen 06
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod JANíčOK » 29 dub 2017 11:25

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:25:08, on 29.04.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)

FIREFOX: 53.0 (x86 sk)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Users\Jan\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem21.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 10686 bytes

JANíčOK
Level 3
Level 3
Příspěvky: 471
Registrován: červen 06
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod JANíčOK » 29 dub 2017 11:38

Sophos Virus Removal Tool nenašiel nič.
Jediný problém mám len so spustením chkdsk cez príkazový riadok "chkdsk c: /r"; vyžaduje reštart PC a po reštarte sa nespustí. Môže to mať nejaký súvis s nálezom z MBAM, ktorý som sem dával? Niečo podobné je popísané tu.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod jaro3 » 29 dub 2017 13:22

Těžko říct , AdvancedSystemCare dělá všeobecně bordel v registrech a může se to projevit až po odinstalaci.

Ten návod v odkazu si dělal?

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


Stáhni si Memtest:

Políčko , ve kterém je napsáno:
All unused RAM -ponech , jak je.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.

Ještě zkontrolovat HDD na chyby ,popř. zkusit jeho defragmentaci ..


Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

JANíčOK
Level 3
Level 3
Příspěvky: 471
Registrován: červen 06
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod JANíčOK » 29 dub 2017 14:41

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 15063] (x64)
Date : 2017/04/29 14:40:42

-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
+ ATA Channel 1 (1) [ATA]
- WDC WD5000AAKX-00ERMA0 ATA Device
+ AMD PCI IDE Controller [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ AMD SATA Controller (IDE Mode) [ATA]
- ATA Channel 0 (0)
+ ATA Channel 1 (1)
- ASUS DRW-24B5ST ATA Device
- Microsoft Storage Spaces Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKX-00ERMA0 : 500,1 GB [0/1/1, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000AAKX-00ERMA0
----------------------------------------------------------------------------
Model : WDC WD5000AAKX-00ERMA0
Firmware : 15.01H15
Serial Number : WD-WCC2EN893756
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 5015 hod.
Power On Count : 2450 krát
Temperature : 27 C (80 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chybných čítaní
03 136 135 _21 00000000104F Čas na roztočenie platní
04 _98 _98 __0 000000000992 Počet spustení/zastavení
05 200 200 140 000000000000 Počet premapovaných sektorov
07 100 253 __0 000000000000 Počet chybných vyhľadávaní
09 _94 _94 __0 000000001397 Počet odpracovaných hodín
0A 100 100 __0 000000000000 Počet opakovaných pokusov o roztočenie platní
0B 100 100 __0 000000000000 Počet pokusov o prekalibrovanie
0C _98 _98 __0 000000000992 Počet cyklov zapnutia zariadenia
C0 200 200 __0 000000000016 Počet vypnutí disku
C1 200 200 __0 00000000097B Počet cyklov načítania/vymazania
C2 116 _93 __0 00000000001B Teplota
C4 200 200 __0 000000000000 Počet udalostí s cieľom realokovania sektorov
C5 200 200 __0 000000000000 Počet podozrivých sektorov
C6 200 200 __0 000000000000 Počet neopraviteľných sektorov
C7 200 200 __0 000000000000 Počet chýb v kontrolnom súčte UltraDMA
C8 200 200 __0 000000000000 Počet chýb pri zápise sektorov

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4332 454E 3839 3337 3536
020: 0000 8000 0032 3135 2E30 3148 3135 5744 4320 5744
030: 3530 3030 4141 4B58 2D30 3045 524D 4130 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0004 0044 0040
080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 407F 0029
090: 0029 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 07BC 0847 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 0179 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 29A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 88 87 4F 10 00 00 00 00 00 04 32 00 62 62 92
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 5E 5E 97 13 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 92 09 00 00 00 00 00 C0 32
070: 00 C8 C8 16 00 00 00 00 00 00 C1 32 00 C8 C8 7B
080: 09 00 00 00 00 00 C2 22 00 74 5D 1B 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 E0 1F 01 7B
170: 03 00 01 00 02 53 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 15

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D5

JANíčOK
Level 3
Level 3
Příspěvky: 471
Registrován: červen 06
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod JANíčOK » 29 dub 2017 14:42

Fix v HJT - hotovo. MemTest som spustil teraz.
Podľa toho návodu som zmenil hodnotu reg. kľúča BootExecute, ale po neúspešnom sputení chkdsk a reštarte PC je tá hodnota zase nesprávna. Mám aj staršiu verziu súboru autochk.exe, ale neviem ako ho nahradiť, keďže je to systémový súbor.

Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod Orcus » 29 dub 2017 19:18

Nahrazení systémového souboru se dělá přes instalační médium Windowsů. Máš ho?
Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.

JANíčOK
Level 3
Level 3
Příspěvky: 471
Registrován: červen 06
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod JANíčOK » 29 dub 2017 21:05

Mám 4 GB RAM, MemTest som spustil zatiaľ 2x po 2 hod. a bez chyby.
Inštalačku mám na USB. Je to z 11.03.2017, takže ešte bez creator update. Skúsil som aj príkaz sfc /scannow, ale autochk.exe zostal bez zmeny.

JANíčOK
Level 3
Level 3
Příspěvky: 471
Registrován: červen 06
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod JANíčOK » 29 dub 2017 22:26

Podarilo sa mi vymeniť súbor autochk.exe. Cez príkazový riadok som spustil chkdsk /r. Po reštarte sa síce normálne spustil, ale už dosť dlho stojí na 12%.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod jaro3 » 30 dub 2017 09:07

00000000104F Čas na roztočenie platní
udělej znovu CDI.


Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

JANíčOK
Level 3
Level 3
Příspěvky: 471
Registrován: červen 06
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu log z HJT a MBAM

Příspěvekod JANíčOK » 30 dub 2017 09:21

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World httpcrystalmark.info
----------------------------------------------------------------------------

OS Windows 10 Professional [10.0 Build 15063] (x64)
Date 20170430 91702

-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
+ ATA Channel 1 (1) [ATA]
- WDC WD5000AAKX-00ERMA0 ATA Device
+ AMD PCI IDE Controller [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ AMD SATA Controller (IDE Mode) [ATA]
- ATA Channel 0 (0)
+ ATA Channel 1 (1)
- ASUS DRW-24B5ST ATA Device
- Microsoft Storage Spaces Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKX-00ERMA0 500,1 GB [011, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000AAKX-00ERMA0
----------------------------------------------------------------------------
Model WDC WD5000AAKX-00ERMA0
Firmware 15.01H15
Serial Number WD-WCC2EN893756
Disk Size 500,1 GB (8,4137,4500,1500,1)
Buffer Size 16384 KB
Queue Depth 32
# of Sectors 976773168
Rotation Rate Neznámy údaj
Interface Serial ATA
Major Version ATA8-ACS
Minor Version ----
Transfer Mode SATA300 SATA600
Power On Hours 5026 hod.
Power On Count 2453 krát
Temperature 32 C (89 F)
Health Status Dobrý
Features S.M.A.R.T., 48bit LBA, NCQ
APM Level ----
AAM Level ----
Drive Letter C D

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chybných čítaní
03 143 135 _21 000000000EE8 Čas na roztočenie platní
04 _98 _98 __0 000000000995 Počet spustenízastavení
05 200 200 140 000000000000 Počet premapovaných sektorov
07 100 253 __0 000000000000 Počet chybných vyhľadávaní
09 _94 _94 __0 0000000013A2 Počet odpracovaných hodín
0A 100 100 __0 000000000000 Počet opakovaných pokusov o roztočenie platní
0B 100 100 __0 000000000000 Počet pokusov o prekalibrovanie
0C _98 _98 __0 000000000995 Počet cyklov zapnutia zariadenia
C0 200 200 __0 000000000017 Počet vypnutí disku
C1 200 200 __0 00000000097D Počet cyklov načítaniavymazania
C2 111 _93 __0 000000000020 Teplota
C4 200 200 __0 000000000000 Počet udalostí s cieľom realokovania sektorov
C5 200 200 __0 000000000000 Počet podozrivých sektorov
C6 200 200 __0 000000000000 Počet neopraviteľných sektorov
C7 200 200 __0 000000000000 Počet chýb v kontrolnom súčte UltraDMA
C8 200 200 __0 000000000000 Počet chýb pri zápise sektorov

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010 2020 2020 2057 442D 5743 4332 454E 3839 3337 3536
020 0000 8000 0032 3135 2E30 3148 3135 5744 4320 5744
030 3530 3030 4141 4B58 2D30 3045 524D 4130 2020 2020
040 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060 FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070 0000 0000 0000 0000 0000 001F 170E 0004 0044 0040
080 01FE 0000 746B 7D61 4123 7469 BC41 4123 407F 0029
090 0029 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110 07BC 0847 0000 0000 0000 0000 0000 0000 0000 4018
120 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130 0000 0000 0000 16FE 0179 0000 0000 0000 0000 0000
140 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250 0000 0000 0000 0000 0000 29A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010 00 8F 87 E8 0E 00 00 00 00 00 04 32 00 62 62 95
020 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040 00 5E 5E A2 13 00 00 00 00 00 0A 32 00 64 64 00
050 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060 00 00 0C 32 00 62 62 95 09 00 00 00 00 00 C0 32
070 00 C8 C8 17 00 00 00 00 00 00 C1 32 00 C8 C8 7D
080 09 00 00 00 00 00 C2 22 00 6F 5D 20 00 00 00 00
090 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160 00 00 00 00 00 00 00 00 00 00 82 00 E0 1F 01 7B
170 03 00 01 00 02 53 05 00 00 00 00 00 00 00 00 00
180 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 63

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030 00 00 07 00 64 64 00 00 00 00 00 00 00 00 09 00
040 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0 00 00 C8 00 C8 C8 00 00 00 00 00 00 00 00 00 00
0D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D5


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 10 hostů