ADVERTISEMENT

extra.txt

Jak usunąć trojany z systemu Windows po skanowaniu Ad-Aware?

DSS udało mi się zrobić loga. Mam 2 pliki txt, nie wiem który jest bardziej potrzebny. W załączniku masz dwa.


Download file - link to post

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600)
Architecture: X86; Language: Polish

CPU 0: AMD Duron(tm) Processor
Percentage of Memory in Use: 60%
Physical Memory (total/avail): 255.48 MiB / 101.28 MiB
Pagefile Memory (total/avail): 734.51 MiB / 575.34 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1947.91 MiB

A: is Removable (No Media)
C: is Fixed (FAT32) - 9.76 GiB total, 4 GiB free.
D: is Fixed (FAT32) - 27.49 GiB total, 11.21 GiB free.
E: is CDROM (No Media)
F: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - WDC WD400BB-00CAA1 - 37.27 GiB - 2 partitions
\PARTITION0 (bootable) - Unknown - 9.77 GiB - C:
\PARTITION1 - Unknown - 27.5 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is disabled.
AUState says computer has updates disabled.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Mascherano\Dane aplikacji
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DAMIAN
ComSpec=C:\WINDOWS\system32\cmd.exe
LOGONSERVER=\\DAMIAN
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 7 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0701
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\MASCHE~1\USTAWI~1\Temp
TMP=C:\DOCUME~1\MASCHE~1\USTAWI~1\Temp
USERDOMAIN=DAMIAN
USERNAME=Mascherano
USERPROFILE=C:\Documents and Settings\Mascherano
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Mascherano [I](admin)[/I]


-- Add/Remove Programs ---------------------------------------------------------

-- & gt; rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal -- & gt; MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Flash Player 9 ActiveX -- & gt; C:\WINDOWS\System32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.0 -- & gt; MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Archiwizator WinRAR -- & gt; C:\Program Files\WinRAR\uninstall.exe
Avira AntiVir PersonalEdition Classic -- & gt; C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BitComet 0.60 -- & gt; C:\Program Files\BitComet\uninst.exe
C-Media Audio -- & gt; C:\WINDOWS\CMIUnInstall.exe
CCleaner (remove only) -- & gt; " C:\Program Files\CCleaner\uninst.exe "
CDex extraction audio -- & gt; " D:\Program Files\CDex_150\uninstall.exe "
Derive 6 Wersja demonstracyjna -- & gt; C:\Program Files\TI Education\Derive 6 Wersja demonstracyjna\unwise.exe C:\PROGRA~1\TIEDUC~1\DERIVE~1\INSTALL.LOG
Digimax Master -- & gt; RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup " C:\Program Files\InstallShield Installation Information\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}\Setup.exe " -l0x9 -removeonly
FIFA 2002 -- & gt; RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup " C:\Program Files\InstallShield Installation Information\{6C5A8BA1-8114-11D5-0090-B800902724B3}\setup.exe " -l0x9 Uninstall
foobar2000 -- & gt; " C:\Program Files\foobar2000\uninstall.exe "
Football Manager 2008 -- & gt; " D:\Program Files\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall Football Manager 2008.exe "
Gadu-Gadu 7.7 -- & gt; C:\Program Files\Gadu-Gadu\Setup.exe
HijackThis 2.0.2 -- & gt; " C:\Program Files\Trend Micro\HijackThis\HijackThis.exe " /uninstall
hp deskjet 3320 series (Tylko usuñ) -- & gt; C:\Program Files\hp deskjet 3320 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=USB001 -vproduct=3320 -huninstall
IrfanView (remove only) -- & gt; C:\Program Files\IrfanView\iv_uninstall.exe
Java 2 Runtime Environment, SE v1.4.0_03 -- & gt; RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup " C:\Program Files\InstallShield Installation Information\{AC1E4C93-C1E7-11D6-9D10-00010240CE95}\Setup.exe " Anytext
Java Web Start -- & gt; " C:\Program Files\Java Web Start\uninst-javaws.exe "
K-Lite Mega Codec Pack 3.3.5 -- & gt; " C:\Program Files\K-Lite Codec Pack\unins000.exe "
Librus Ocena Opisowa -- & gt; " D:\Ocena Opisowa\uninstall_N.exe "
Microsoft Office Professional Edition 2003 -- & gt; MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9}
mIRC -- & gt; " C:\Program Files\mIRC\mirc.exe " -uninstall
Multimedia Combo Set Driver -- & gt; RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup " C:\Program Files\InstallShield Installation Information\{ECFADFA9-F1B7-438E-A2DC-C6D482D5C760}\Setup.exe "
NAPIPROJEKT 1.0.4.5 -- & gt; D:\NAPI-PROJEKT\unins000.exe
Neostrada TP -- & gt; C:\PROGRA~1\NEOSTR~1\SondageDesinstallation.exe
Nero 6 Ultra Edition -- & gt; C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Niezbêdnik -- & gt; " C:\Program Files\Niezbêdnik\unins000.exe "
Niezbêdnik CD -- & gt; C:\WINDOWS\unins000.exe
NVIDIA Windows 2000/XP Display Drivers -- & gt; rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf
Opera 9.10 -- & gt; MsiExec.exe /X{750B9AD1-4C63-4143-94C5-6FB304199BAD}
PowerDVD -- & gt; RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup " C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe " -uninstall
SAGEM F@st 800-840 -- & gt; RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup " C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe " -l0x15
Samsung USB Driver -- & gt; RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup " C:\Program Files\InstallShield Installation Information\{86D6A20D-3910-4441-A3E5-EB6977251C86}\Setup.exe " anything
Skype 3.0 -- & gt; " C:\Program Files\Skype\Phone\unins000.exe "
Skype Plugin Manager -- & gt; MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
SUPERAntiSpyware Free Edition -- & gt; MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
TeamSpeak 2 RC2 -- & gt; D:\Teamspeak2_RC2\unins000.exe
Translatica -- & gt; C:\Program Files\poleng\translatica\_uninst\uninstaller.exe
upapp -- & gt; MsiExec.exe /I{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}
Winamp (remove only) -- & gt; " C:\Program Files\Winamp\UninstWA.exe "
Wolfenstein - Enemy Territory -- & gt; D:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u D:\PROGRA~1\WOLFEN~1\Uninstall\Install.log
Yahoo! Install Manager -- & gt; C:\WINDOWS\System32\regsvr32 /u C:\PROGRA~1\YAHOO!\Common\YINSTH~1.DLL


-- Application Event Log -------------------------------------------------------

Event Record #/Type1267 / Warning
Event Submitted/Written: 11/23/2007 04:19:43 PM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'DIAL/24264.A.1'
in the file
C:\Documents and Settings\Mascherano\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 11-23-2007 - 16-19-42\{CA18FAFD-0526-40FC-93B9-29695C526B55}

Event Record #/Type1242 / Error
Event Submitted/Written: 11/18/2007 07:48:01 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Aplikacja zawieszaj¹ca nero.exe, wersja 6.6.0.13, modu³ zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Event Record #/Type1212 / Error
Event Submitted/Written: 11/11/2007 10:50:51 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Aplikacja zawieszaj¹ca nero.exe, wersja 6.6.0.13, modu³ zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Event Record #/Type1211 / Error
Event Submitted/Written: 11/11/2007 10:50:39 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Aplikacja zawieszaj¹ca nero.exe, wersja 6.6.0.13, modu³ zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Event Record #/Type1208 / Error
Event Submitted/Written: 11/10/2007 10:22:28 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Aplikacja zawieszaj¹ca AcroRd32.exe, wersja 7.0.0.0, modu³ zawieszenia AcroRd32.dll, wersja 7.0.0.1333, adres zawieszenia 0x000693d2.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type28399 / Error
Event Submitted/Written: 11/23/2007 09:12:48 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Nie mo¿na uruchomiæ us³ugi Secdrv z powodu nastêpuj¹cego b³êdu:
%%2

Event Record #/Type28398 / Error
Event Submitted/Written: 11/23/2007 09:12:48 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Nie mo¿na uruchomiæ us³ugi General Purpose USB Driver (adildr.sys) z powodu nastêpuj¹cego b³êdu:
%%1058

Event Record #/Type28397 / Error
Event Submitted/Written: 11/23/2007 09:11:29 PM / 11/23/2007 09:11:37 PM
Event ID/Source: 7 / Cdrom
Event Description:
W urz¹dzeniu \Device\CdRom1 wyst¹pi³ z³y blok.

Event Record #/Type28396 / Error
Event Submitted/Written: 11/23/2007 09:11:28 PM / 11/23/2007 09:11:37 PM
Event ID/Source: 7 / Cdrom
Event Description:
W urz¹dzeniu \Device\CdRom1 wyst¹pi³ z³y blok.

Event Record #/Type28395 / Error
Event Submitted/Written: 11/23/2007 09:11:27 PM / 11/23/2007 09:11:37 PM
Event ID/Source: 7 / Cdrom
Event Description:
W urz¹dzeniu \Device\CdRom1 wyst¹pi³ z³y blok.



-- End of Deckard's System Scanner: finished at 2007-11-23 21:49:56 ------------