Download the SDFix program
I think it got removed, because it says it found that worm, and the mail scanning is gone now. THX.
SDFix: Version 1.107
Run by DOM on 2007-10-09 at 16:45
Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Name:
FCI
SysLibrary
ImagePath:
C:\WINDOWS\System32\svchost.exe:ext.exe
\??\C:\WINDOWS\System32\DefLib.sys
FCI - Deleted
SysLibrary - Deleted
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\DOCUME~1\DOM\USTAWI~1\Temp\winlogon.exe - Deleted
C:\WINDOWS\system32\DefLib.sys - Deleted
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
: ADS Found!
svchost.exe: deleted 51712 bytes in 1 streams.
Checking for remaining Streams
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
Remaining Files:
---------------
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes:
Sat 10 Dec 2005 180,224 A..H. --- "C:\NVIDIA\Win2KXP\81.98\nvudisp.exe"
Sat 10 Dec 2005 116,880 A..H. --- "C:\NVIDIA\Win2KXP\81.98\setup.exe"
Sun 19 Aug 2007 500 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti2.tmp"
Finished!
Here is my Report.txt
SDFix: Version 1.186
Run by Administrator on 2008-05-28 at 13:56
Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix
Checking Services :
Name :
ksnhtr
Path :
??\C:\WINDOWS\system32\ksnhtr.sys
ksnhtr - Deleted
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
Checking Files :
Trojan Files Found:
C:\WINDOWS\system32\ksnhtr.sys - Deleted
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-28 14:03:05
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes …
scanning hidden services & system hive …
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg40]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\ESENT]
"EventMessageFile"=str(2):"c:\windows\system32\ESENT.dll"
"CategoryMessageFile"=str(2):"c:\windows\system32\ESENT.dll"
scanning hidden registry entries …
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall{E9F81423-211E-46B6-9AE0-38568BC5CF6F}]
"DisplayName"="Alcohol 120% (Trial Version)"
scanning hidden files …
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"D:\Gry\THU 2\Tony Hawks Underground 2\Tony Hawks Underground 2\Game\THUG2.exe"="D:\Gry\THU 2\Tony Hawks Underground 2\Tony Hawks Underground 2\Game\THUG2.exe:*:Enabled:THUG2"
"D:\Gry\Worms 4 Mayhem demo\worms_mayhem_demo\Worms 4 Mayhem Demo.exe"="D:\Gry\Worms 4 Mayhem demo\worms_mayhem_demo\Worms 4 Mayhem Demo.exe:*:Enabled:Worms 4 Mayhem Demo"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Finished!
Please check it. Thanks.