sdfix report.txt

Same włączaja strony z grami i reklamami w internet explorer

Dołączam logi, prośba o wgląd. Dzięki z góry.


[b]SDFix: Version 1.240 [/b]
Run by Administrator on 2010-11-03 at 17:48

Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-03 17:57:47
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
" %windir%\\system32\\sessmgr.exe " = " %windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
" C:\\Program Files\\Opera\\opera.exe " = " C:\\Program Files\\Opera\\opera.exe:*:Enabled:Opera Internet Browser "
" C:\\Documents and Settings\\J?zek\\Moje dokumenty\\GoD\\GoD.exe " = " C:\\Documents and Settings\\J?zek\\Moje dokumenty\\GoD\\GoD.exe:*:Enabled:GoD "
" C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE " = " C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook "
" C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE " = " C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove "
" C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE " = " C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote "
" C:\\Program Files\\uTorrent\\uTorrent.exe " = " C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent "
" C:\\Documents and Settings\\J?zek\\Pulpit\\utorrent.exe " = " C:\\Documents and Settings\\J?zek\\Pulpit\\utorrent.exe:*:Enabled:uTorrent "
" C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe " = " C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe:*:Enabled:BearShare "
" C:\\Program Files\\Vuze\\Azureus.exe " = " C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus / Vuze "
" C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe " = " C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000 "
" C:\\Program Files\\eMule\\emule.exe " = " C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
" %windir%\\system32\\sessmgr.exe " = " %windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
" %windir%\\Network Diagnostic\\xpnetdiag.exe " = " %windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
" C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe " = " C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe:*:Enabled:BearShare "

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Sun 12 Mar 2006 10,311,680 ..SH. --- " C:\Program Files\AVIConverter\MENCODER.EXE "
Sat 31 Dec 2005 8,578,048 ..SH. --- " C:\Program Files\AVIConverter\mencoder1.exe "
Wed 27 May 2009 39,936 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL0005.tmp "
Thu 17 Sep 2009 241,664 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL0200.tmp "
Tue 2 Jun 2009 27,136 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL0796.tmp "
Thu 17 Sep 2009 243,712 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL0895.tmp "
Tue 2 Jun 2009 27,136 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL1361.tmp "
Thu 17 Sep 2009 241,664 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL1445.tmp "
Tue 2 Jun 2009 23,552 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL1455.tmp "
Wed 27 May 2009 73,728 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL1999.tmp "
Tue 2 Jun 2009 26,112 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL2291.tmp "
Tue 2 Jun 2009 32,256 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL2967.tmp "
Tue 2 Jun 2009 29,696 ...H. --- " C:\Documents and Settings\J?zek\Dane aplikacji\Microsoft\Word\~WRL3164.tmp "
Fri 1 Oct 2010 0 A.SH. --- " C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\PlayReady\Cache\indiv01.tmp "

[b]Finished![/b]


Pobierz plik - link do postu