kondzior1989

Users
  • Posts: 15

  1. Photo viewer does not work, Windows 7. Please help :(
  2. I am very sorry. Thank you. FRST.txt Addition.txt Shortcut.txt
  3. New logs, probably the most correct ones now; I am learning.
  4. My browser does not work, I basically cannot connect to anything, I am getting furious, probably some Firefox malware. I am very sorry and thank you in advance. Addition.txt Shortcut.txt FRST.txt
  5. I have broken down. I have been fighting this for three days already, I am getting furious.
  6. Unfortunately it is me again. I installed a genuine Kaspersky Internet Security, and I cannot use Google because the certificate is missing :/
  7. I do not like that searchscopes in the report, probably some trojan. FRST.txt Shortcut.txt Addition.txt
  8. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by Krzysiek at 2015-03-22 16:02:31 Run:3 Running from D:\Programy\Frst Loaded Profiles: Krzysiek (Available profiles: Krzysiek) Boot Mode: Normal ============================================== Content of fixlist: ***************** ***************** ==== End of Fixlog 16:02:31 ==== It looks as if it is clean now, thank you very much.
  9. Logs from today, 21 March 2015: Addition.txt FRST.txt
  10. You are right, ma'am, I used AdwCleaner. I do not see SpyHunter or Spybot in the Control Panel, I think I removed them at some point. I do not know how to make a forum attachment. I used to like your posts on searchengines. FRST logs: Fixlog.txt FRST.txt
  11. Reports: Addition.txt FRST.txt Shortcut.txt
  12. Now, on top of that, My Start Search has barged in as well; it is probably a derivative of Sweet Page, but I could deal with it on my own, and great total
  13. I have a very suspicious fastbar that is really bothering me, please help. Additionally, I have a strange teredo; I suspect that I am infected :/