OK, Stell! I've got this far. This time it didn't show the error message at startup, but as you asked, here is the Report.
SDFix: Version 1.219
Run by Rendszergazda on 2008.08.28. at 18:48
Microsoft Windows XP [verziószám: 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-08-28 19:03:27
Windows 5.1.2600 Szervizcsomag 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:RTC alkalmazásmegosztás"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Documents and Settings\\Gezu\\Dokumentumok\\Downloads\\Counter-Strike 1.6 + Half-Life\\hl.exe"="C:\\Documents and Settings\\Gezu\\Dokumentumok\\Downloads\\Counter-Strike 1.6 + Half-Life\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\EA GAMES\\Need For Speed Underground\\Speed.exe"="C:\\Program Files\\EA GAMES\\Need For Speed Underground\\Speed.exe:*:Enabled:Speed"
"C:\\Q3Ademo\\quake3.exe"="C:\\Q3Ademo\\quake3.exe:*:Disabled:quake3"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Disabled:Skype. Take a deep breath "
"C:\\Program Files\\totalcmd\\TOTALCMD.EXE"="C:\\Program Files\\totalcmd\\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Remaining Files :
Files with Hidden Attributes :
Sun 1 Apr 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 12 Apr 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Sun 13 Jul 2008 429 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic10.tmp"
Mon 5 May 2008 28 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic1276.tmp"
Tue 12 Aug 2008 1,190 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic1381.tmp"
Thu 7 Aug 2008 429 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic14A.tmp"
Tue 12 Aug 2008 267 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic14A6.tmp"
Fri 1 Aug 2008 49 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic169.tmp"
Sun 24 Aug 2008 135 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic171.tmp"
Sun 13 Jul 2008 430 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic1B.tmp"
Wed 23 Jul 2008 257 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic1DF.tmp"
Wed 6 Aug 2008 205 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic1FA.tmp"
Sun 20 Jul 2008 354 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic237.tmp"
Sun 3 Aug 2008 633 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic2BA.tmp"
Thu 31 Jul 2008 250 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic2EB.tmp"
Sun 6 Apr 2008 532 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic2FF.tmp"
Sun 3 Aug 2008 1,216 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic37.tmp"
Sun 24 Aug 2008 972 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic38.tmp"
Sat 9 Aug 2008 419 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic38B.tmp"
Sat 9 Aug 2008 262 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic393.tmp"
Thu 7 Aug 2008 429 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic3C.tmp"
Thu 7 Aug 2008 116 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic4.tmp"
Wed 23 Jul 2008 368 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic47.tmp"
Thu 28 Aug 2008 397 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic48.tmp"
Sun 20 Jul 2008 262 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic49.tmp"
Sat 14 Jun 2008 578 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic50.tmp"
Sun 3 Aug 2008 298 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic545.tmp"
Fri 1 Aug 2008 463 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic55.tmp"
Sun 11 May 2008 211 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic5556.tmp"
Wed 6 Aug 2008 466 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic57C.tmp"
Fri 1 Aug 2008 597 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic5C.tmp"
Fri 1 Aug 2008 463 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic5D.tmp"
Wed 6 Aug 2008 401 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic5E.tmp"
Mon 5 May 2008 347 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic766.tmp"
Sun 1 Jun 2008 412 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic78C.tmp"
Sat 28 Jun 2008 419 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\tic7A.tmp"
Thu 28 Aug 2008 397 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\ticA54F.tmp"
Thu 7 Aug 2008 468 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\ticBE0.tmp"
Wed 23 Jul 2008 660 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\ticBE9.tmp"
Sun 27 Jul 2008 380 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\ticCC1.tmp"
Sun 3 Aug 2008 189 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\ticCD4.tmp"
Sun 27 Jul 2008 310 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\ticDB7.tmp"
Sun 13 Jul 2008 429 A..H. --- "C:\Documents and Settings\Gezu\Local Settings\Temp\Free Download Manager\ticF.tmp"
Finished!