Please check (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: memphisto, Mods_senior, Security team

mafian
Level 3.5
Posts: 688
Registered: January 07
Gender: Male

Re: Please check

Post by mafian » 26 Dec 2017 12:32

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-12-26 12:31:28
-----------------------------
12:31:28.140 OS Version: Windows 5.1.2600 Service Pack 3
12:31:28.140 Number of processors: 4 586 0x402
12:31:28.140 ComputerName: ADMIN UserName:
12:31:28.609 Initialize success
12:31:28.671 VM: initialized successfully
12:31:28.937 VM: Amd CPU BiosDisabled
12:31:38.093 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
12:31:38.093 Disk 0 Vendor: WDC_WD5000AADS-00S9B0 01.00A01 Size: 476938MB BusType: 3
12:31:38.203 Disk 0 MBR read successfully
12:31:38.203 Disk 0 MBR scan
12:31:38.203 Disk 0 Windows XP default MBR code
12:31:38.203 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 70001 MB offset 63
12:31:38.203 Disk 0 Boot: NTFS code=1
12:31:38.203 Disk 0 Partition - 00 0F Extended LBA 61059 MB offset 143364060
12:31:38.234 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 345875 MB offset 268414020
12:31:38.250 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 61059 MB offset 143364123
12:31:38.250 Disk 0 scanning sectors +976768065
12:31:38.296 Disk 0 scanning C:\WINDOWS\system32\drivers
12:31:43.625 Service scanning
12:31:49.562 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
12:31:52.093 Modules scanning
12:31:52.093 \Driver\atapi DriverInit @ 0x8b492298 suspicious
12:31:52.093 \Driver\dmio MajorFunction[ IRP_MJ_CREATE ] @ 0x8b5091f8 suspicious
12:31:52.109 \Driver\dmio MajorFunction[ IRP_MJ_CLOSE ] @ 0x8b5091f8 suspicious
12:31:52.109 \Driver\dmio MajorFunction[ IRP_MJ_READ ] @ 0x8b5091f8 suspicious
12:31:52.109 \Driver\dmio MajorFunction[ IRP_MJ_WRITE ] @ 0x8b5091f8 suspicious
12:31:52.109 \Driver\dmio MajorFunction[ IRP_MJ_FLUSH_BUFFERS ] @ 0x8b5091f8 suspicious
12:31:52.109 \Driver\dmio MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x8b5091f8 suspicious
12:31:52.125 \Driver\dmio MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x8b5091f8 suspicious
12:31:52.125 \Driver\dmio MajorFunction[ IRP_MJ_SHUTDOWN ] @ 0x8b5091f8 suspicious
12:31:52.125 \Driver\dmio MajorFunction[ IRP_MJ_POWER ] @ 0x8b5091f8 suspicious
12:31:52.125 \Driver\dmio MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x8b5091f8 suspicious
12:31:52.125 \Driver\usbohci MajorFunction[ IRP_MJ_CREATE ] @ 0x8b3331f8 suspicious
12:31:52.125 \Driver\usbohci MajorFunction[ IRP_MJ_CLOSE ] @ 0x8b3331f8 suspicious
12:31:52.125 \Driver\usbohci MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x8b3331f8 suspicious
12:31:52.125 \Driver\usbohci MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x8b3331f8 suspicious
12:31:52.140 \Driver\usbohci MajorFunction[ IRP_MJ_POWER ] @ 0x8b3331f8 suspicious
12:31:52.140 \Driver\usbohci MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x8b3331f8 suspicious
12:31:52.140 \Driver\Ftdisk MajorFunction[ IRP_MJ_CREATE ] @ 0x8b4931f8 suspicious
12:31:52.140 \Driver\Ftdisk MajorFunction[ IRP_MJ_READ ] @ 0x8b4931f8 suspicious
12:31:52.140 \Driver\Ftdisk MajorFunction[ IRP_MJ_WRITE ] @ 0x8b4931f8 suspicious
12:31:52.140 \Driver\Ftdisk MajorFunction[ IRP_MJ_FLUSH_BUFFERS ] @ 0x8b4931f8 suspicious
12:31:52.140 \Driver\Ftdisk MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x8b4931f8 suspicious
12:31:52.140 \Driver\Ftdisk MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x8b4931f8 suspicious
12:31:52.140 \Driver\Ftdisk MajorFunction[ IRP_MJ_SHUTDOWN ] @ 0x8b4931f8 suspicious
12:31:52.156 \Driver\Ftdisk MajorFunction[ IRP_MJ_CLEANUP ] @ 0x8b4931f8 suspicious
12:31:52.156 \Driver\Ftdisk MajorFunction[ IRP_MJ_POWER ] @ 0x8b4931f8 suspicious
12:31:52.156 \Driver\Ftdisk MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x8b4931f8 suspicious
12:31:52.156 \Driver\NetBT MajorFunction[ IRP_MJ_CREATE ] @ 0x8acec1f8 suspicious
12:31:52.156 \Driver\NetBT MajorFunction[ IRP_MJ_CLOSE ] @ 0x8acec1f8 suspicious
12:31:52.156 \Driver\NetBT MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x8acec1f8 suspicious
12:31:52.156 \Driver\NetBT MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x8acec1f8 suspicious
12:31:52.156 \Driver\NetBT MajorFunction[ IRP_MJ_CLEANUP ] @ 0x8acec1f8 suspicious
12:31:52.171 \Driver\Cdrom MajorFunction[ IRP_MJ_CREATE ] @ 0x8b30b500 suspicious
12:31:52.171 \Driver\Cdrom MajorFunction[ IRP_MJ_CLOSE ] @ 0x8b30b500 suspicious
12:31:52.171 \Driver\Cdrom MajorFunction[ IRP_MJ_READ ] @ 0x8b30b500 suspicious
12:31:52.171 \Driver\Cdrom MajorFunction[ IRP_MJ_WRITE ] @ 0x8b30b500 suspicious
12:31:52.171 \Driver\Cdrom MajorFunction[ IRP_MJ_FLUSH_BUFFERS ] @ 0x8b30b500 suspicious
12:31:52.171 \Driver\Cdrom MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x8b30b500 suspicious
12:31:52.171 \Driver\Cdrom MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x8b30b500 suspicious
12:31:52.171 \Driver\Cdrom MajorFunction[ IRP_MJ_SHUTDOWN ] @ 0x8b30b500 suspicious
12:31:52.187 \Driver\Cdrom MajorFunction[ IRP_MJ_POWER ] @ 0x8b30b500 suspicious
12:31:52.187 \Driver\Cdrom MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x8b30b500 suspicious
12:31:52.187 \Driver\usbehci MajorFunction[ IRP_MJ_CREATE ] @ 0x8b3311f8 suspicious
12:31:52.187 \Driver\usbehci MajorFunction[ IRP_MJ_CLOSE ] @ 0x8b3311f8 suspicious
12:31:52.187 \Driver\usbehci MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x8b3311f8 suspicious
12:31:52.187 \Driver\usbehci MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x8b3311f8 suspicious
12:31:52.187 \Driver\usbehci MajorFunction[ IRP_MJ_POWER ] @ 0x8b3311f8 suspicious
12:31:52.187 \Driver\usbehci MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x8b3311f8 suspicious
12:31:52.203 \Driver\dtsoftbus01 MajorFunction[ IRP_MJ_CREATE ] @ 0x8b1f11f8 suspicious
12:31:52.203 \Driver\dtsoftbus01 MajorFunction[ IRP_MJ_CLOSE ] @ 0x8b1f11f8 suspicious
12:31:52.203 \Driver\dtsoftbus01 MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x8b1f11f8 suspicious
12:31:52.203 \Driver\dtsoftbus01 MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x8b1f11f8 suspicious
12:31:52.203 \Driver\dtsoftbus01 MajorFunction[ IRP_MJ_POWER ] @ 0x8b1f11f8 suspicious
12:31:52.203 \Driver\dtsoftbus01 MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x8b1f11f8 suspicious
12:31:52.203 Disk 0 trace - called modules:
12:31:52.218 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spjx.sys >>UNKNOWN [0x8b4b3938]<<
12:31:52.218 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b40dab8]
12:31:52.234 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\0000007c[0x8b462198]
12:31:52.234 5 ACPI.sys[b9e74620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8b460940]
12:31:52.234 Disk 0 statistics 71637/0/0 @ 6,85 MB/s
12:31:52.234 Scan finished successfully
12:32:02.390 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\uživatel\Plocha\MBR.dat"
12:32:02.390 The log file has been saved successfully to "C:\Documents and Settings\uživatel\Plocha\aswMBR.txt"



jaro3
Security team member
Guru Level 15
Posts: 38610
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Please check

Post by jaro3 » 27 Dec 2017 09:49

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to the desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must run the file with a right-click -> Run as administrator.)
In the main menu, tick these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

The report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt
Other links:
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

How about the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

mafian
Level 3.5
Posts: 688
Registered: January 07
Gender: Male

Re: Please check

Post by mafian » 27 Dec 2017 16:32

# DelFix v1.013 - Logfile created 27/12/2017 at 16:31:31
# Updated 17/04/2016 by Xplode
# Username : uživatel - ADMIN
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Documents and Settings\uživatel\Plocha\aswmbr.exe
Deleted : C:\Documents and Settings\uživatel\Plocha\aswMBR.txt
Deleted : C:\Documents and Settings\uživatel\Plocha\JRT.exe
Deleted : C:\Documents and Settings\uživatel\Plocha\MBR.dat
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

########## - EOF - ##########


It's better now, thank you.

jaro3
Security team member
Guru Level 15
Posts: 38610
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Please check (Solved)

Post by jaro3 » 27 Dec 2017 18:22

If there are no problems, that is all, and you can mark it as solved with the green check mark.