Thread Status:
Not open for further replies.
  1. lajokaar

    lajokaar Member

    Joined:
    May 9, 2009
    Hi.
    I don't really know this area well, so could someone help me?
    My computer is slow at times, and I heard that some kind of rootkit could be lurking on it.
    I scanned my computer with a rootkit program, and the log looked like this:

    GMER 1.0.15.14972 - http://www.gmer.net
    Rootkit scan 2009-05-09 19:36:23
    Windows 6.0.6001 Service Pack 1


    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00070002
    IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 00070000
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74407BA4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [744498C5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7440D3C8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [743FF527] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74407599] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [743FE43D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [7443B33D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7440D68A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7440012E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74400095] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [743F71F3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7448D802] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [744275E1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [743FDAE1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [743F668F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [743F66BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74401E45] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
    AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)


    Are there any entries in there that should be removed, or any other actions I should take? All help is needed. Thanks.
     