HjT log after SDFix.

Discussion in 'Viruses and malware - HijackThis logs' started by EmppuKZ, Mar 15, 2008.

  1. EmppuKZ

    SDFix: Version 1.157

    Run by Emppu on la 15.03.2008 at 11:51

    Microsoft Windows XP [versio 5.1.2600]
    Running From: C:\DOCUME~1\HEIKKI~1\TYPYT~1\SDFix

    Checking Services :


    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting


    Checking Files :

    No Trojan Files Found




    Folder C:\WINDOWS\system32\Sys32 - Removed


    Removing Temp Files

    ADS Check :



    Final Check :

    catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-15 11:57:47
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="G:\DAEMON Tools\"
    "h0"=dword:00000000
    "khjeh"=hex:0d,0e,2b,f1,aa,7b,3d,65,5f,39,b5,3f,04,09,c5,e6,b1,8d,01,e4,14,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,5f,67,8a,12,e4,09,56,1c,33,87,4f,07,e1,85,74,7a,81,..
    "khjeh"=hex:cd,4c,71,42,c5,77,d5,8c,4f,2f,41,0d,53,06,27,25,66,c8,42,ab,9f,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:dc,fd,68,20,b1,bc,e4,55,a2,95,bb,77,58,bb,aa,29,1a,92,ac,e7,d1,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="G:\DAEMON Tools\"
    "h0"=dword:00000000
    "khjeh"=hex:0d,0e,2b,f1,aa,7b,3d,65,5f,39,b5,3f,04,09,c5,e6,b1,8d,01,e4,14,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,5f,67,8a,12,e4,09,56,1c,33,87,4f,07,e1,85,74,7a,81,..
    "khjeh"=hex:cd,4c,71,42,c5,77,d5,8c,4f,2f,41,0d,53,06,27,25,66,c8,42,ab,9f,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:dc,fd,68,20,b1,bc,e4,55,a2,95,bb,77,58,bb,aa,29,1a,92,ac,e7,d1,..

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\xb9m\xd3w\2]
    "AB79C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT"

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0


    Remaining Services :



    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"

    Remaining Files :


    File Backups: - C:\DOCUME~1\HEIKKI~1\TYPYT~1\SDFix\backups\backups.zip

    Files with Hidden Attributes :

    Thu 24 Jun 2004 2,932 A..H. --- "C:\WINDOWS\system32\aurl.dat.tmp"
    Sat 15 Mar 2003 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Fri 15 Aug 2003 400 A.SH. --- "C:\Documents and Settings\All Users\DRM\v2ks.bla.bak"
    Fri 15 Aug 2003 48 A.SH. --- "C:\Documents and Settings\All Users\DRM\v2ks.sec.bak"

    Finished!
     
  2. Hujo

    There is no HJT log here; run a scan and take a new one.
     