
mabara

Users
  • Posts

    3
  • Joined

  • Last visit

  1. Now everything works. Thank you very much for the help.
  2. Everything done, I'm attaching a new OTL log and also one from AdwCleaner. Not required, but it might be needed. OTL.Txt AdwCleanerS1.txt
  3. Hello, I deleted Sweet IM in Add/Remove Programs, after which the computer froze. After restarting I discovered SweetPacksUpdate and additionally yoayo.exe. I read that it's a virus, but I can't disable it because Task Manager doesn't respond. Please help. GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-11-08 22:39:13 OTL.Txt Extras.Txt