acha…no to dobrze.reszte zostawie do zrobienia znajomemu.bo ja oczywiscie znów milion pytan musiałabym zadac nim bym “usunęła cos w trybie awaryjnym” .a juz główka mnie od tego zaczyna bolec i myslę ze i Ciebie przy okazji by zaczęła(jesli jeszcze sie trzymasz )
bardzo…bardzo…bardzo dziekuje za pmoc i cierpliwosc :oops: pozdrawiam
Złączono Posta : 05.04.2006 (Sro) 20:35
“Silent Runners.vbs”, revision 44, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by “{++}”
Startup items buried in registry:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
“MSMSGS” = ““C:\Program Files\Messenger\msmsgs.exe” /background” [MS]
“ctfmon.exe” = “C:\WINDOWS\system32\ctfmon.exe” [MS]
“Skype” = ““C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized” [“Skype Technologies S.A.”]
“AQQ” = “C:\PROGRA~1\Wapster\AQQ\AQQ.exe” [file not found]
“Gadu-Gadu” = ““C:\Program Files\Gadu-Gadu\gg.exe” /tray” [“Gadu-Gadu Sp. z oo”]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
“IgfxTray” = “C:\WINDOWS\system32\igfxtray.exe” [“Intel Corporation”]
“HotKeysCmds” = “C:\WINDOWS\system32\hkcmd.exe” [“Intel Corporation”]
“SoundMan” = “SOUNDMAN.EXE” [“Realtek Semiconductor Corp.”]
“SynTPLpr” = “C:\Program Files\Synaptics\SynTP\SynTPLpr.exe” [“Synaptics, Inc.”]
“SynTPEnh” = “C:\Program Files\Synaptics\SynTP\SynTPEnh.exe” [“Synaptics, Inc.”]
“NeroFilterCheck” = “C:\WINDOWS\system32\NeroCheck.exe” [“Ahead Software Gmbh”]
“SunJavaUpdateSched” = “C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe” [“Sun Microsystems, Inc.”]
“MKS_MENU” = “C:\Program Files\MKS\Bin\mks_menu.exe” [file not found]
“WinampAgent” = “C:\Program Files\Winamp\winampa.exe” [null data]
“Cyfro 2” = “C:\Program Files\Cyfro\Cyfro2.exe” [file not found]
“avast!” = “C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [null data]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided)
-> {HKLM…CLSID} = “AcroIEHlprObj Class”
\InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)
-> {HKLM…CLSID} = “SSVHelper Class”
\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”]
{AA58ED58-01DD-4d91-8333-CF10577473F7}(Default) = (no title provided)
-> {HKLM…CLSID} = “Google Toolbar Helper”
\InProcServer32(Default) = “c:\program files\google\googletoolbar2.dll” [“Google Inc.”]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
“{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania”
-> {HKLM…CLSID} = “Rozszerzenie CPL kadrowania wyświetlania”
\InProcServer32(Default) = “deskpan.dll” [file not found]
“{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu”
-> {HKLM…CLSID} = “HyperTerminal Icon Ext”
\InProcServer32(Default) = “C:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”]
“{2F603045-309F-11CF-9774-0020AFD0CFF6}” = “Synaptics Control Panel”
-> {HKLM…CLSID} = (no title provided)
\InProcServer32(Default) = “C:\Program Files\Synaptics\SynTP\SynTPCpl.dll” [“Synaptics, Inc.”]
“{59850401-6664-101B-B21C-00AA004BA90B}” = “Microsoft Office Binder Unbind”
-> {HKLM…CLSID} = “Microsoft Office Binder Unbind”
\InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\Office\1045\UNBIND.DLL” [MS]
“{0006F045-0000-0000-C000-000000000046}” = “Microsoft Outlook Custom Icon Handler”
-> {HKLM…CLSID} = “Rozszerzenie ikon plików programu Outlook”
\InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL” [MS]
“{21569614-B795-46b1-85F4-E737A8DC09AD}” = “Shell Search Band”
-> {HKLM…CLSID} = “Shell Search Band”
\InProcServer32(Default) = “C:\WINDOWS\system32\browseui.dll” [MS]
“{472083B0-C522-11CF-8763-00608CC02F24}” = “avast”
-> {HKLM…CLSID} = “avast”
\InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! igfxcui\DLLName = “igfxsrvc.dll” [“Intel Corporation”]
INFECTION WARNING! WgaLogon\DLLName = “WgaLogon.dll” [file not found]
HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}(Default) = “PDF Column Info”
-> {HKLM…CLSID} = “PDF Shell Extension”
\InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll” [“Adobe Systems, Inc.”]
HKLM\Software\Classes*\shellex\ContextMenuHandlers\
avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}”
-> {HKLM…CLSID} = “avast”
\InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}”
-> {HKLM…CLSID} = “avast”
\InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”]
Active Desktop and Wallpaper:
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
“Wallpaper” = “D:\zdjęcia\ruda.bmp”
Enabled Screen Saver:
HKCU\Control Panel\Desktop\
“SCRNSAVE.EXE” = “C:\WINDOWS\system32\ssmypics.scr” [MS]
Startup items in “a11” & “All Users” startup folders:
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
“Adobe Reader Speed Launch” -> shortcut to: “C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe” [“Adobe Systems Incorporated”]
“Microsoft Office” -> shortcut to: “C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l” [MS]
“Symantec Fax Starter Edition Port” -> shortcut to: “C:\Program Files\Microsoft Office\Office\1045\OLFSNT40.EXE” [MS]
Winsock2 Service Provider DLLs:
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]
000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS]
000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 11
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\
“{2318C2B1-4965-11D4-9B18-009027A5CD4F}”
-> {HKLM…CLSID} = “&Google”
\InProcServer32(Default) = “c:\program files\google\googletoolbar2.dll” [“Google Inc.”]
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
“{2318C2B1-4965-11D4-9B18-009027A5CD4F}”
-> {HKLM…CLSID} = “&Google”
\InProcServer32(Default) = “c:\program files\google\googletoolbar2.dll” [“Google Inc.”]
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
“{2318C2B1-4965-11D4-9B18-009027A5CD4F}” = (no title provided)
-> {HKLM…CLSID} = “&Google”
\InProcServer32(Default) = “c:\program files\google\googletoolbar2.dll” [“Google Inc.”]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
“MenuText” = “Sun Java Console”
“CLSIDExtension” = “{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}”
-> {HKCU…CLSID} = “Java Plug-in”
\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”]
-> {HKLM…CLSID} = “Java Plug-in 1.5.0_06”
\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll” [“Sun Microsystems, Inc.”]
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
“ButtonText” = “Messenger”
“MenuText” = “Windows Messenger”
“Exec” = “C:\Program Files\Messenger\msmsgs.exe” [MS]
Running Services (Display Name, Service Name, Path {Service DLL}):
avast! Antivirus, avast! Antivirus, ““C:\Program Files\Alwil Software\Avast4\ashServ.exe”” [null data]
avast! iAVS4 Control Service, aswUpdSv, ““C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe”” [null data]
avast! Mail Scanner, avast! Mail Scanner, ““C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe” /service” [“ALWIL Software”]
avast! Web Scanner, avast! Web Scanner, ““C:\Program Files\Alwil Software\Avast4\ashWebSv.exe” /service” [“ALWIL Software”]
Windows User Mode Driver Framework, UMWdf, “C:\WINDOWS\system32\wdfmgr.exe” [MS]
Print Monitors:
HKLM\System\CurrentControlSet\Control\Print\Monitors\
OLFax Ports\Driver = “OLFMNT40.DLL” [MS]
-
This report excludes default entries except where indicated.
-
To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
- The search for DESKTOP.INI DLL launch points on all local fixed drives
took 106 seconds.
- The search for all Registry CLSIDs containing dormant Explorer Bars
took 14 seconds.
---------- (total run time: 145 seconds)