Код:
SDFix: Version 1.240
Run by Ђ¤¬Ё*Ёбва*в®а on 16.05.2010 at 19:42
Microsoft Windows XP [‚ҐабЁп 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
Trojan Files Found:
C:\Documents and Settings\LocalService\Application Data\twain_32\user.ds - Deleted
C:\WINDOWS\system32\svchost.t__ - Deleted
Folder C:\Documents and Settings\LocalService\Application Data\twain_32 - Removed
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-16 19:49:57
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\Андрей\\Мои документы\\Warcraft III\\Warcraft III.exe"="C:\\Documents and Settings\\Андрей\\Мои документы\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"E:\\Фёдор\\GAMES\\LoL\\Riot Games\\League of Legends\\air\\LolClient.exe"="E:\\Фёдор\\GAMES\\LoL\\Riot Games\\League of Legends\\air\\LolClient.exe:*:Enabled:League of Legends Lobby"
"E:\\Фёдор\\GAMES\\LoL\\Riot Games\\League of Legends\\game\\League of Legends.exe"="E:\\Фёдор\\GAMES\\LoL\\Riot Games\\League of Legends\\game\\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\\Program Files\\Mail.Ru\\Sputnik\\SputnikFlashPlayer.exe"="C:\\Program Files\\Mail.Ru\\Sputnik\\SputnikFlashPlayer.exe:*:Enabled:Sputnik@Mail.Ru flash player"
"C:\\Program Files\\Mail.Ru\\Sputnik\\SputnikHelper.exe"="C:\\Program Files\\Mail.Ru\\Sputnik\\SputnikHelper.exe:*:Enabled:Sputnik@Mail.Ru helper object"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Wed 5 May 1999 95,202 ..SH. --- "C:\COMMAND.COM"
Sun 30 Nov 2003 0 ..SH. --- "C:\LOGO.SYS"
Finished!
