Untitled

By: a guest on Feb 9th, 2010  |  syntax: None  |  size: 6.69 KB  |  hits: 47  |  expires: Never
[b]SDFix: Version 1.240 [/b]
Run by Administrator on 2010-02-09 at 21:23

Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

[b]Checking Files [/b]:

No Trojan Files Found

Removing Temp Files

[b]ADS Check [/b]:

[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 21:26:32
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:0a,74,9b,ef,a5,bc,b5,13,4b,b2,1b,c7,67,b1,7c,dd,c3,2b,67,f0,24,..
"p0"="C:\Program Files\DAEMON Tools Pro\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,ae,41,da,62,bd,69,ac,88,5a,2f,f8,59,8e,af,b1,e9,c0,..
"hdf12"=hex:e4,60,2c,24,d4,81,c1,17,6c,82,a4,d4,99,5c,3f,46,af,8c,f7,31,9a,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:b6,54,c9,a6,c2,09,2c,f2,28,3f,07,c2,24,c4,34,87,98,83,80,ab,da,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002]
"a0"=hex:20,01,00,00,40,01,d8,62,11,35,1e,b6,78,75,c1,36,d5,d9,ec,fa,95,..
"hdf12"=hex:9c,dd,32,fe,a8,db,c6,86,d3,b0,7f,d8,ee,9e,cc,22,c0,2e,04,0e,a5,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0]
"hdf12"=hex:3a,b0,90,d3,d4,31,3f,81,12,a4,c5,9c,49,81,9f,52,8b,fc,cd,95,e4,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:0a,74,9b,ef,a5,bc,b5,13,4b,b2,1b,c7,67,b1,7c,dd,c3,2b,67,f0,24,..
"p0"="C:\Program Files\DAEMON Tools Pro\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,ae,41,da,62,bd,69,ac,88,5a,2f,f8,59,8e,af,b1,e9,c0,..
"hdf12"=hex:e4,60,2c,24,d4,81,c1,17,6c,82,a4,d4,99,5c,3f,46,af,8c,f7,31,9a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:b6,54,c9,a6,c2,09,2c,f2,28,3f,07,c2,24,c4,34,87,98,83,80,ab,da,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002]
"a0"=hex:20,01,00,00,40,01,d8,62,11,35,1e,b6,78,75,c1,36,d5,d9,ec,fa,95,..
"hdf12"=hex:9c,dd,32,fe,a8,db,c6,86,d3,b0,7f,d8,ee,9e,cc,22,c0,2e,04,0e,a5,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0]
"hdf12"=hex:3a,b0,90,d3,d4,31,3f,81,12,a4,c5,9c,49,81,9f,52,8b,fc,cd,95,e4,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

[b]Remaining Services [/b]:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"D:\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"="D:\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"D:\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"="D:\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Uruchamia plik DLL jako aplikację"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"="C:\\Program Files\\Java\\jre6\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"="D:\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe:*:Enabled:DarkCrusade"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"="C:\\Program Files\\Nowe Gadu-Gadu\\gg.exe:*:Enabled:Nowe Gadu-Gadu"
"D:\\Activision\\Call of Duty Modern Warfare 2\\iw4mp.exe"="D:\\Activision\\Call of Duty Modern Warfare 2\\iw4mp.exe:*:Enabled:iw4mp"
"C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[b]Remaining Files [/b]:

[b]Files with Hidden Attributes [/b]:

Tue  9 Feb 2010       102,400 ..SHR --- "C:\Documents and Settings\MiChAł\zaian.exe"
Tue 21 Jul 2009            88 ..SHR --- "C:\WINDOWS\system32\5471A9B09A.sys"
Mon  1 Feb 2010         2,568 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Thu 21 Jan 2010             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

[b]Finished![/b]