« previous next »
Pages: [1]

Author Topic: Please analyze my log  (Read 5442 times)

0 Members and 1 Guest are viewing this topic.

October 19, 2014, 07:40:10 PM

nitrousable

  • Newbie
  • Offline
  • *
  • 38
  • Reputation:
    0
    • View Profile
Please analyze my log
« on: October 19, 2014, 07:40:10 PM »
¤¤¤ Antirootkit : 48 (Driver: Loaded) ¤¤¤
[IAT:Addr] (explorer.exe @ Bcp47Langs.dll) api-ms-win-appmodel-runtime-l1-1-0.dll - GetCurrentPackageFamilyName : C:\Windows\SYSTEM32\kernel.appcore.dll @ 0x7ff8a0d92604
[IAT:Addr] (explorer.exe @ DEVOBJ.dll) api-ms-win-devices-config-l1-1-1.dll - CM_Set_Class_Registry_PropertyW : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a227f470
[IAT:Addr] (explorer.exe @ DEVOBJ.dll) api-ms-win-devices-config-l1-1-1.dll - CM_Get_Class_Registry_PropertyW : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a227e350
[IAT:Addr] (explorer.exe @ DEVOBJ.dll) api-ms-win-devices-config-l1-1-1.dll - CM_Get_Device_IDW : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a2253c7c
[IAT:Addr] (explorer.exe @ DEVOBJ.dll) api-ms-win-devices-query-l1-1-1.dll - DevCreateObjectQuery : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a225a060
[IAT:Addr] (explorer.exe @ DEVOBJ.dll) api-ms-win-devices-query-l1-1-1.dll - DevCloseObjectQuery : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a2258848
[IAT:Addr] (explorer.exe @ twinui.dll) api-ms-win-core-biplmapi-l1-1-1.dll - BiUpdateLockScreenApplications : C:\Windows\SYSTEM32\twinapi.appcore.dll @ 0x7ff89696c3c4
[IAT:Addr] (explorer.exe @ twinui.dll) api-ms-win-core-biplmapi-l1-1-1.dll - BiChangeSessionState : C:\Windows\SYSTEM32\twinapi.appcore.dll @ 0x7ff896952b90
[IAT:Addr] (explorer.exe @ twinui.dll) api-ms-win-appmodel-runtime-internal-l1-1-0.dll - GetAppModelVersion : C:\Windows\SYSTEM32\kernel.appcore.dll @ 0x7ff8a0d925bc
[IAT:Addr] (explorer.exe @ twinui.dll) api-ms-win-core-biptcltapi-l1-1-1.dll - BiPtAssociateActivationProxy : C:\Windows\SYSTEM32\twinapi.appcore.dll @ 0x7ff896956bac
[IAT:Addr] (explorer.exe @ twinui.dll) api-ms-win-core-biptcltapi-l1-1-1.dll - BiPtDisassociateWorkItem : C:\Windows\SYSTEM32\twinapi.appcore.dll @ 0x7ff89696c94c
[IAT:Addr] (explorer.exe @ twinui.appcore.dll) api-ms-win-core-biptcltapi-l1-1-1.dll - BiPtActivateWorkItem : C:\Windows\SYSTEM32\twinapi.appcore.dll @ 0x7ff89696c718
[IAT:Addr] (explorer.exe @ twinui.appcore.dll) api-ms-win-core-biptcltapi-l1-1-1.dll - BiPtFreeMemory : C:\Windows\SYSTEM32\twinapi.appcore.dll @ 0x7ff896958cc8
[IAT:Addr] (explorer.exe @ twinui.appcore.dll) api-ms-win-core-biptcltapi-l1-1-1.dll - BiPtQueryWorkItem : C:\Windows\SYSTEM32\twinapi.appcore.dll @ 0x7ff89696cae0
[IAT:Addr] (explorer.exe @ twinui.appcore.dll) api-ms-win-core-biptcltapi-l1-1-1.dll - BiPtEnumerateWorkItemsForPackageName : C:\Windows\SYSTEM32\twinapi.appcore.dll @

0x7ff89696c9f0
[IAT:Addr] (explorer.exe @ wpncore.dll) api-ms-win-appmodel-runtime-l1-1-1.dll - PackageFamilyNameFromFullName : C:\Windows\SYSTEM32\kernel.appcore.dll @ 0x7ff8a0d9282c
[IAT:Addr] (explorer.exe @ bthprops.cpl) api-ms-win-devices-query-l1-1-1.dll - DevCreateObjectQuery : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a225a060
[IAT:Addr] (explorer.exe @ bthprops.cpl) api-ms-win-devices-query-l1-1-1.dll - DevCloseObjectQuery : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a2258848
[IAT:Addr] (explorer.exe @ WSShared.dll) api-ms-win-appmodel-runtime-internal-l1-1-0.dll - GetAppModelVersion : C:\Windows\SYSTEM32\kernel.appcore.dll @ 0x7ff8a0d925bc
[IAT:Addr] (explorer.exe @ WSShared.dll) api-ms-win-appmodel-runtime-internal-l1-1-0.dll - GetPackageInstallTime : C:\Windows\SYSTEM32\kernel.appcore.dll @ 0x7ff8a0d926dc
[IAT:Addr] (explorer.exe @ WSShared.dll) api-ms-win-devices-query-l1-1-1.dll - DevGetObjectProperties : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a22594c4
[IAT:Addr] (explorer.exe @ WSShared.dll) api-ms-win-devices-query-l1-1-1.dll - DevFreeObjectProperties : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a2259200
[IAT:Addr] (explorer.exe @ WSShared.dll) SLC.dll - SLClose : C:\Windows\SYSTEM32\sppc.dll @ 0x7ff89d81566c
[IAT:Addr] (explorer.exe @ WSShared.dll) SLC.dll - SLOpen : C:\Windows\SYSTEM32\sppc.dll @ 0x7ff89d8178e8
[IAT:Addr] (explorer.exe @ WSSync.dll) api-ms-win-appmodel-runtime-l1-1-1.dll - PackageFamilyNameFromFullName : C:\Windows\SYSTEM32\kernel.appcore.dll @ 0x7ff8a0d9282c
[IAT:Addr] (explorer.exe @ MrmCoreR.dll) api-ms-win-appmodel-identity-l1-1-0.dll - AppXGetOSMaxVersionTested : C:\Windows\SYSTEM32\kernel.appcore.dll @ 0x7ff8a0d92460
[IAT:Addr] (explorer.exe @ ondemandconnroutehelper.dll) api-ms-win-appmodel-runtime-l1-1-1.dll - GetCurrentApplicationUserModelId : C:\Windows\SYSTEM32\kernel.appcore.dll @

0x7ff8a0d925d4
[IAT:Addr] (explorer.exe @ Windows.UI.Xaml.dll) api-ms-win-appmodel-runtime-internal-l1-1-0.dll - GetAppModelVersion : C:\Windows\SYSTEM32\kernel.appcore.dll @ 0x7ff8a0d925bc
[IAT:Addr] (explorer.exe @ Windows.UI.Xaml.dll) api-ms-win-appmodel-runtime-internal-l1-1-0.dll - GetCurrentPackageApplicationContext : C:\Windows\SYSTEM32\kernel.appcore.dll

@ 0x7ff8a0d925e0
[IAT:Addr] (explorer.exe @ Windows.UI.Xaml.dll) api-ms-win-appmodel-runtime-internal-l1-1-0.dll - GetPackageOSMaxVersionTested : C:\Windows\SYSTEM32\kernel.appcore.dll @

0x7ff8a0d926e8
[IAT:Addr] (explorer.exe @ Windows.UI.Xaml.dll) api-ms-win-appmodel-runtime-internal-l1-1-0.dll - GetCurrentPackageContext : C:\Windows\SYSTEM32\kernel.appcore.dll @

0x7ff8a0d925f8
[IAT:Addr] (explorer.exe @ Windows.UI.Xaml.dll) api-ms-win-appmodel-runtime-internal-l1-1-0.dll - GetPackageApplicationPropertyString : C:\Windows\SYSTEM32\kernel.appcore.dll

@ 0x7ff8a0d92688
[IAT:Addr] (explorer.exe @ Windows.UI.Xaml.dll) api-ms-win-core-winrt-robuffer-l1-1-0.dll - RoGetBufferMarshaler : C:\Windows\System32\WinTypes.dll @ 0x7ff894c1bf60
[IAT:Addr] (explorer.exe @ wpc.dll) NETAPI32.dll - NetUserGetInfo : C:\Windows\system32\samcli.dll @ 0x7ff89b5b1770
[IAT:Addr] (explorer.exe @ wpc.dll) NETAPI32.dll - NetApiBufferFree : C:\Windows\system32\netutils.dll @ 0x7ff8a11a1010
[IAT:Addr] (explorer.exe @ wpc.dll) NETAPI32.dll - NetUserGetLocalGroups : C:\Windows\system32\samcli.dll @ 0x7ff89b5b2dc0
[IAT:Addr] (explorer.exe @ wpc.dll) NETAPI32.dll - NetQueryDisplayInformation : C:\Windows\system32\samcli.dll @ 0x7ff89b5b5160
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevCreateObjectQueryFromIdEx : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a225b384
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevCloseObjectQuery : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a2258848
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevFreeObjects : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a2259730
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevGetObjects : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a22597e8
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevFreeObjectProperties : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a2259200
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevGetObjectProperties : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a22594c4
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevSetObjectProperties : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a225b074
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevFindProperty : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a225c434
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevCreateObjectQueryFromIdsEx : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a22893d4
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevCreateObjectQueryEx : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a2259d20
[IAT:Addr] (explorer.exe @ DevDispItemProvider.dll) api-ms-win-devices-query-l1-1-1.dll - DevCreateObjectQuery : C:\Windows\SYSTEM32\cfgmgr32.dll @ 0x7ff8a225a060
Rest of the logs are clean. Please check
Logged
Reply #1October 20, 2014, 11:41:46 AM

Tigzy

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 957
  • Reputation:
    91
  • Personal Text
    Owner, Adlice Software
    • View Profile
    • Adlice Software
Re: Please analyze my log
« Reply #1 on: October 20, 2014, 11:41:46 AM »
Hello
These are false positive that will be fixed in next release.
Logged
Pages: [1]
« previous next »