05-12-2007, 04:18 AM   #5
ChemicalRomance
Registered User
 
Join Date: May 2007
Posts: 33
OS: XP


Re: HijackThis log (Please check ASAP)

SDFix: Version 1.83

Run by Johnny - Sat 05/12/2007 - 18:55:21.60

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\DOCUME~1\Johnny\Desktop\SDFix

Safe Mode:
Checking Services:

Name:
MSWindows

ImagePath:
"C:\WINDOWS\System32\urdvxc.exe" /service

MSWindows - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINDOWS\SYSTEM32\DLOAD.EXE - Deleted
C:\WINDOWS\updater.exe.tmp - Deleted
C:\WINDOWS\system32\helperssc.exe - Deleted
C:\WINDOWS\system32\helpersrvc.exe - Deleted
C:\WINDOWS\system32\i - Deleted
C:\WINDOWS\system32\srvc.exe - Deleted
C:\WINDOWS\system32\ssc.exe - Deleted
C:\WINDOWS\system32\urdvxc.exe - Deleted



Removing Temp Files

ADS Check:

Checking if ADS is attached to system32 Folder
C:\WINDOWS\system32
No streams found.

Checking if ADS is attached to svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


Remaining Files:
---------------

Backups Folder: - C:\DOCUME~1\Johnny\Desktop\SDFix\backups\backups.zip

Checking For Files with Hidden Attributes:


Finished