kondzior1989
-
Postów
15 -
Dołączył
-
Ostatnia wizyta
Odpowiedzi opublikowane przez kondzior1989
-
-
-
Przegladarka zdjec nie dziala windows 7 Prosze o Pomoc :(
-
-
nowe logi chyba teraz najbardzije poprawne ucze sie
-
nie dziala mi przegladarka, nie moge polaczyc sie w sumie z niczym dostaje furii pewnie jakis malware firefoxa Przepraszam bardzo i dziekuje z gory
-
zalamalem sie
Walcze z tym jzu trzeci dzien, dostaje furii
-
znowu nietety ja, zainstalwalem orginalnego Kasperski Internet Security, nie moge obslugiwac google bo brak certyfikatu :/
-
Nie pdooba mi sie ten searchscopes w raporcie, pewnie jakis trojan
-
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Krzysiek at 2015-03-22 16:02:31 Run:3
Running from D:\Programy\Frst
Loaded Profiles: Krzysiek (Available profiles: Krzysiek)
Boot Mode: Normal
==============================================Content of fixlist:
**********************************
==== End of Fixlog 16:02:31 ====
jakby juz bylo czysto dziekuje bardzo -
-
Ma Pani racje, stososowalem Adwcleaner. W panelu sterowania nie widze spyhuntera ani spybota, chyba kiedys usuwalem
Nie umiem zrobic zalaczenika forum
Lubialem Pani Posty na searchenginees
logi frst
-
-
Teraz jeszcze mi sie wpierniczyl do tego my start search tp raczej pochodna sweet page ale moglbym, sam sobie z tym poradzic i great total
-
Mam bardzo podejrzny fastbar ktory bardzo Mnie trapi, prosze o pomoc,
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-02-02 21:07:15
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-3 SAMSUNG_HD322HJ rev.1AC01110 298,09GB
Running: gmer.exe; Driver: C:\Users\Krzysiek\AppData\Local\Temp\pgldapow.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000104300 7 bytes [00, A1, F3, FF, 41, B4, F0]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000104308 3 bytes [00, 07, 02]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\AVG\AVG2015\avgfws.exe[1416] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075d21465 2 bytes [D2, 75]
.text C:\Program Files (x86)\AVG\AVG2015\avgfws.exe[1416] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075d214bb 2 bytes [D2, 75]
.text ... * 2
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[1924] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075d21465 2 bytes [D2, 75]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[1924] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075d214bb 2 bytes [D2, 75]
.text ... * 2
.text C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[2300] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007749fe14 5 bytes JMP 0000000173321000
.text C:\Program Files (x86)\AVG\AVG2015\avgui.exe[2324] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007749fe14 5 bytes JMP 0000000173321000
.text C:\Program Files (x86)\AVG\AVG2015\avgui.exe[2324] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075d21465 2 bytes [D2, 75]
.text C:\Program Files (x86)\AVG\AVG2015\avgui.exe[2324] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075d214bb 2 bytes [D2, 75]
.text ... * 2
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2336] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[2356] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007749fe14 5 bytes JMP 0000000173321000
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[2356] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075d21465 2 bytes [D2, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[2356] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075d214bb 2 bytes [D2, 75]
.text ... * 2
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2468] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007749fe14 5 bytes JMP 0000000173321000
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[2540] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2636] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007749fe14 5 bytes JMP 0000000173321000
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2636] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075d21465 2 bytes [D2, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2636] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075d214bb 2 bytes [D2, 75]
.text ... * 2
.text C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe[2664] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Program Files (x86)\AVG\AVG2015\avgemca.exe[2728] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3020] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007749fe14 5 bytes JMP 0000000173321000
.text C:\Windows\system32\svchost.exe[1304] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[2376] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007749fe14 5 bytes JMP 0000000173321000
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3216] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Windows\system32\conhost.exe[3224] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Windows\system32\SearchIndexer.exe[3264] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Windows\System32\WUDFHost.exe[3820] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Windows\SysWOW64\ctfmon.exe[3912] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007749fe14 5 bytes JMP 0000000173321000
.text C:\Windows\system32\svchost.exe[4432] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Windows\system32\svchost.exe[420] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Windows\system32\taskeng.exe[4560] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Users\Krzysiek\Downloads\FRST64(3).exe[2804] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Windows\system32\notepad.exe[4468] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Windows\system32\notepad.exe[4500] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Windows\system32\wbem\wmiprvse.exe[4820] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Program Files\WinRAR\WinRAR.exe[5304] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Program Files\Internet Explorer\iexplore.exe[5336] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000772f0950 5 bytes JMP 0000000077450018
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5384] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007749fe14 5 bytes JMP 0000000173321000
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5384] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075d21465 2 bytes [D2, 75]
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5384] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075d214bb 2 bytes [D2, 75]
.text ... * 2
.text C:\Users\Krzysiek\AppData\Local\Temp\Temp1_gmer(2).zip\gmer.exe[6112] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007749fe14 5 bytes JMP 0000000173321000
---- Kernel IAT/EAT - GMER 2.1 ----
IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [fffff880010c1e94] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [fffff880010c1c38] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [fffff880010c2614] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [fffff880010c2a10] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [fffff880010c286c] \SystemRoot\System32\Drivers\sptd.sys [.text]
---- Devices - GMER 2.1 ----
Device \Driver\atapi \Device\Ide\IdePort0 fffffa80039a42c0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-3 fffffa80039a42c0
Device \Driver\atapi \Device\Ide\IdePort1 fffffa80039a42c0
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 fffffa80039a42c0
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-2 fffffa80039a42c0
Device \FileSystem\Ntfs \Ntfs fffffa80039a82c0
Device \Driver\usbuhci \Device\USBFDO-3 fffffa80050e72c0
Device \Driver\usbuhci \Device\USBPDO-1 fffffa80050e72c0
Device \Driver\cdrom \Device\CdRom0 fffffa8004c952c0
Device \Driver\cdrom \Device\CdRom1 fffffa8004c952c0
Device \Driver\dtsoftbus01 \Device\0000005b fffffa8004c9d2c0
Device \Driver\USBSTOR \Device\0000006b fffffa8004cd82c0
Device \Driver\usbehci \Device\USBFDO-4 fffffa80052162c0
Device \Driver\usbuhci \Device\USBPDO-2 fffffa80050e72c0
Device \Driver\usbuhci \Device\USBFDO-0 fffffa80050e72c0
Device \Driver\dtsoftbus01 \Device\DTSoftBusCtl fffffa8004c9d2c0
Device \Driver\usbuhci \Device\USBPDO-3 fffffa80050e72c0
Device \Driver\usbuhci \Device\USBFDO-1 fffffa80050e72c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{C88FADA7-5B45-4EA4-9C68-53587E2F8AE1} fffffa8004cc72c0
Device \Driver\USBSTOR \Device\0000006d fffffa8004cd82c0
Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa8004cc72c0
Device \Driver\usbehci \Device\USBPDO-4 fffffa80052162c0
Device \Driver\usbuhci \Device\USBFDO-2 fffffa80050e72c0
Device \Driver\atapi \Device\ScsiPort0 fffffa80039a42c0
Device \Driver\usbuhci \Device\USBPDO-0 fffffa80050e72c0
Device \Driver\atapi \Device\ScsiPort1 fffffa80039a42c0
---- Trace I/O - GMER 2.1 ----
Trace ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80039a42c0]<< sptd.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys fffffa80039a42c0
Trace 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8004904680] fffffa8004904680
Trace 3 CLASSPNP.SYS[fffff8800143b43f] -> nt!IofCallDriver -> [0xfffffa8003958e40] fffffa8003958e40
Trace 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-3[0xfffffa80043d6680] fffffa80043d6680
Trace \Driver\atapi[0xfffffa8004385d20] -> IRP_MJ_CREATE -> 0xfffffa80039a42c0 fffffa80039a42c0
---- Processes - GMER 2.1 ----
Process C:\Users\Krzysiek\AppData\Local\Temp\Temp1_gmer(2).zip\gmer.exe (*** suspicious ***) @ C:\Users\Krzysiek\AppData\Local\Temp\Temp1_gmer(2).zip\gmer.exe [6112](2014-01-28 17:36:04) 0000000000400000
---- EOF - GMER 2.1 ----
Dodatkowo mam dziwne teredo, podejrzewa, ze jestem zainfekowany :/
Przegladarka zdjec nie dziala windows 7 Prosze o Pomoc :(
w Software
Opublikowano
Wogole zadnego :(