[b]SDFix: Version 1.240 [/b] Run by Administrator on 06.07.2009 at 20:42 Microsoft Windows XP [Version 5.1.2600] Running From: C:\SDFix [b]Checking Services [/b]: AUTOEXEC.NT Restored from backups Restoring Default Security Values Restoring Default Hosts File Rebooting [b]Checking Files [/b]: No Trojan Files Found Removing Temp Files [b]ADS Check [/b]: [b]Final Check [/b]: catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-06 21:33:51 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 [b]Remaining Services [/b]: Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Programme\\Messenger\\msmsgs.exe"="C:\\Programme\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Programme\\NetMeeting\\conf.exe"="C:\\Programme\\NetMeeting\\conf.exe:*:Enabled:Windows© NetMeeting©" "C:\\Programme\\iTunes\\iTunes.exe"="C:\\Programme\\iTunes\\iTunes.exe:*:Enabled:iTunes" "C:\\Programme\\TeamViewer3\\TeamViewer.exe"="C:\\Programme\\TeamViewer3\\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Programme\\Mozilla Firefox\\firefox.exe"="C:\\Programme\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox" "C:\\Programme\\Java\\jre6\\bin\\java.exe"="C:\\Programme\\Java\\jre6\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\\Programme\\MSN Messenger\\msnmsgr.exe"="C:\\Programme\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Programme\\MSN Messenger\\livecall.exe"="C:\\Programme\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Programme\\Interactive Studios\\Plug and Browse\\PlugAndBrowse.exe"="C:\\Programme\\Interactive Studios\\Plug and Browse\\PlugAndBrowse.exe:LocalSubNet:Enabled:Plug and Browse" "C:\\Programme\\Interactive Studios\\Plug and Browse\\PbSysTray.exe"="C:\\Programme\\Interactive Studios\\Plug and Browse\\PbSysTray.exe:LocalSubNet:Enabled:Plug and Browse System Tray" "C:\\Programme\\Interactive Studios\\Plug and Browse\\PlugBrowseSvc.exe"="C:\\Programme\\Interactive Studios\\Plug and Browse\\PlugBrowseSvc.exe:LocalSubNet:Enabled:Plug and Browse Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Programme\\Windows Live\\Messenger\\livecall.exe"="C:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Programme\\MSN Messenger\\msnmsgr.exe"="C:\\Programme\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Programme\\MSN Messenger\\livecall.exe"="C:\\Programme\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [b]Remaining Files [/b]: [b]Files with Hidden Attributes [/b]: Thu 3 Feb 2005 4,348 ..SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\DRMv1.bak" Fri 18 May 2007 0 A.SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\Cache\Indiv02.tmp" Sun 24 May 2009 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\1e29452e9f4e79aa8b6dfcaf6ba19b6a\BIT3B.tmp" Wed 19 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d9d5f5f1045bf2fb02a62b63d583b7d1\BIT2F4.tmp" [b]Finished![/b]