GMER log

System security, virus removal, choosing antivirus software. Mandatory logs in this section: three from FRST + Gmer.

GMER log

Post by Zenek1999, 16 Apr 2017, 14:54

GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-04-16 14:53:39
Windows 5.1.2600 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD800BB-60JKA0 rev.05.01C05 74.53GB
Running: l2uxjb6r.exe; Driver: C:\DOCUME~1\Zenek123\LOCALS~1\Temp\uxtdypow.sys


---- System - GMER 2.2 ----

INT 0x62 ? 898E2CB8
INT 0x73 ? 89601F00
INT 0x73 ? 89601F00
INT 0x73 ? 89601F00
INT 0x73 ? 89601F00
INT 0x73 ? 89601F00
INT 0x82 ? 898E2CB8

---- Kernel code sections - GMER 2.2 ----

.sptd1 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd1" section [0xF758B60C]
pnidata C:\WINDOWS\system32\DRIVERS\secdrv.sys unknown last section [0xAE374F00, 0x24000, 0x48000000]

---- User code sections - GMER 2.2 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[1448] USER32.dll!DialogBoxParamW 7E425F8F 5 Bytes JMP 42F0F2A1 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[1448] USER32.dll!DialogBoxIndirectParamW 7E432062 5 Bytes JMP 430A03AF C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[1448] USER32.dll!MessageBoxIndirectA 7E43A06A 5 Bytes JMP 430A0330 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[1448] USER32.dll!DialogBoxParamA 7E43B12C 5 Bytes JMP 430A0374 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[1448] USER32.dll!MessageBoxExW 7E450750 5 Bytes JMP 430A02BC C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[1448] USER32.dll!MessageBoxExA 7E450774 5 Bytes JMP 430A02F6 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[1448] USER32.dll!DialogBoxIndirectParamA 7E456CD0 5 Bytes JMP 430A03EA C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[1448] USER32.dll!MessageBoxIndirectW 7E466425 5 Bytes JMP 42F31646 C:\WINDOWS\system32\IEFRAME.dll

---- Devices - GMER 2.2 ----

Device \FileSystem\Ntfs \Ntfs 898E11F8
Device \FileSystem\Fastfat \FatCdrom 8960E440
Device \Driver\usbuhci \Device\USBPDO-0 89792440
Device \Driver\usbuhci \Device\USBPDO-1 89792440
Device \Driver\usbuhci \Device\USBPDO-2 89792440
Device \Driver\usbehci \Device\USBPDO-3 89600440
Device \Driver\Cdrom \Device\CdRom0 89612440
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 898E21F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 898E21F8
Device \Driver\atapi \Device\Ide\IdePort0 898E21F8
Device \Driver\atapi \Device\Ide\IdePort1 898E21F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f 898E21F8
Device \Driver\Cdrom \Device\CdRom1 89612440
Device \Driver\NetBT \Device\NetBt_Wins_Export 89613440
Device \Driver\NetBT \Device\NetbiosSmb 89613440
Device \Driver\NetBT \Device\NetBT_Tcpip_{D1F34B29-0249-40C9-95A2-201568F7A728} 89613440
Device \Driver\usbuhci \Device\USBFDO-0 89792440
Device \Driver\usbuhci \Device\USBFDO-1 89792440
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89619440
Device \Driver\usbuhci \Device\USBFDO-2 89792440
Device \FileSystem\MRxSmb \Device\LanmanRedirector 89619440
Device \Driver\usbehci \Device\USBFDO-3 89600440
Device \FileSystem\Fastfat \Fat 8960E440
Device \FileSystem\Cdfs \Cdfs 8960F440

---- Registry - GMER 2.2 ----

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore@Count 59
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore@Count 1

---- EOF - GMER 2.2 ----
Zenek1999
~user
Posts: 6
Joined: 16 Apr 2017, 14:44



GMER log

Post by ordynat, 16 Apr 2017, 16:05

I don't see anything suspicious here.

ordynat
~user
Posts: 4765
Joined: 02 Apr 2010, 11:18
Commendations: 866



