Gutek zrobiłam, jak kazałeś (aczkolwiek ten dll był wyjątkowo uparty, dał się skasować dopiero w wierszu poleceń).
Póki co avast nie sprawdza żadnej poczty, jak będzie z niebieskimi ekranami - wyjdzie w praniu. Pojawił mi się też problem - zniknęły mi podkatalogi w programie pocztowym :shock: miałam ileś tam podkatalogów pod “Odebranymi” i ustawione sortowanie listów, a tu podkatalogów niet - choc na dysku są :shock: to zapewne jest do odzyskania, ale dlaczego zniknęły??
Oto log z silenta:
“Silent Runners.vbs”, revision 41, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by “{++}”
Startup items buried in registry:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
“CTFMON.EXE” = “C:\WINDOWS\system32\ctfmon.exe” [MS]
“Gadu-Gadu” = ““C:\Program Files\Gadu-Gadu\gg.exe” /tray” [“Gadu-Gadu Sp. z oo”]
“Komunikator” = “C:\Program Files\Tlen.pl\tlen.exe” [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
“Cmaudio” = “RunDll32 cmicnfg.cpl,CMICtrlWnd” [MS]
“NeroCheck” = “C:\WINDOWS\system32\NeroCheck.exe” [“Ahead Software Gmbh”]
“Outpost Firewall” = “C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe /waitservice” [“Agnitum”]
“SunJavaUpdateSched” = “;;;;;C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe” [file not found]
“avast!” = “C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [null data]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = “AcroIEHlprObj Class” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = “SSVHelper Class” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”]
{AA58ED58-01DD-4d91-8333-CF10577473F7}(Default) = “Google Toolbar Helper” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “c:\program files\google\googletoolbar2.dll” [“Google Inc.”]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
“{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania”
-> {CLSID}\InProcServer32(Default) = “deskpan.dll” [file not found]
“{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu”
-> {CLSID}\InProcServer32(Default) = “C:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”]
“{D3796116-94D3-4009-96D7-51578411CC7D}” = “Outpost Shell Extension”
-> {CLSID}\InProcServer32(Default) = “C:\PROGRA~1\Agnitum\OUTPOS~1.0\oshdlr.dll” [“Agnitum Ltd.”]
“{472083B0-C522-11CF-8763-00608CC02F24}” = “avast”
-> {CLSID}\InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”]
“{21569614-B795-46b1-85F4-E737A8DC09AD}” = “Shell Search Band”
-> {CLSID}\InProcServer32(Default) = “C:\WINDOWS\system32\browseui.dll” [MS]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! AtiExtEvent\DLLName = “Ati2evxx.dll” [“ATI Technologies Inc.”]
HKLM\Software\Classes*\shellex\ContextMenuHandlers\
avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}”
-> {CLSID}\InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}”
-> {CLSID}\InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”]
FineReader(Default) = “{AC0DD14A-8F29-4F88-BE1D-0F0ED1B06C9F}”
-> {CLSID}\InProcServer32(Default) = “C:\Program Files\ABBYY\FineReader 6.0\FECMenu.dll” [“ABBYY (BIT Software)”]
Active Desktop and Wallpaper:
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
“Wallpaper” = “C:\windows\web\wallpaper\Idylla.bmp”
Enabled Screen Saver:
HKCU\Control Panel\Desktop\
“SCRNSAVE.EXE” = “C:\windows\system32\ssmyst.scr” [MS]
Startup items in “Rodzina 2” & “All Users” startup folders:
C:\Documents and Settings\Rodzina 2\Menu Start\Programy\Autostart
“outpost” -> shortcut to: “C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe” [“Agnitum”]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
“Adobe Gamma Loader.exe” -> shortcut to: “C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe” [“Adobe Systems, Inc.”]
“Microsoft Office” -> shortcut to: “C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l” [MS]
Winsock2 Service Provider DLLs:
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]
000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS]
000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 04, 07 - 14
%SystemRoot%\system32\rsvpsp.dll [MS], 05 - 06
Toolbars, Explorer Bars, Extensions:
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
“{2318C2B1-4965-11D4-9B18-009027A5CD4F}” = “&Google” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “c:\program files\google\googletoolbar2.dll” [“Google Inc.”]
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
“{2318C2B1-4965-11D4-9B18-009027A5CD4F}” = “&Google” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “c:\program files\google\googletoolbar2.dll” [“Google Inc.”]
Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
{21569614-B795-46B1-85F4-E737A8DC09AD}\ = “Shell Search Band” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “C:\WINDOWS\system32\browseui.dll” [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
“MenuText” = “Sun Java Console”
“CLSIDExtension” = “{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}”
-> {CLSID}\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll” [“Sun Microsystems, Inc.”]
{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}\
“ButtonText” = “FlashGet”
“MenuText” = “&FlashGet”
“Exec” = “C:\PROGRA~1\FlashGet\flashget.exe” [“Amaze Soft”]
{EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A}\
“ButtonText” = “eBay - Homepage”
“CLSIDExtension” = “{1FBA04EE-3024-11D2-8F1F-0000F87ABD16}”
-> {CLSID}\InProcServer32(Default) = “C:\WINDOWS\system32\shdocvw.dll” [MS]
“Exec” = “C:\Program Files\IrfanView\Ebay\Ebay.htm” [null data]
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
“ButtonText” = “Messenger”
“MenuText” = “Windows Messenger”
“Exec” = “C:\Program Files\Messenger\msmsgs.exe” [MS]
Running Services (Display Name, Service Name, Path {Service DLL}):
avast! Antivirus, avast! Antivirus, ““C:\Program Files\Alwil Software\Avast4\ashServ.exe”” [null data]
avast! iAVS4 Control Service, aswUpdSv, ““C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe”” [null data]
avast! Mail Scanner, avast! Mail Scanner, ““C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe” /service” [“ALWIL Software”]
avast! Web Scanner, avast! Web Scanner, ““C:\Program Files\Alwil Software\Avast4\ashWebSv.exe” /service” [“ALWIL Software”]
Print Monitors:
HKLM\System\CurrentControlSet\Control\Print\Monitors\
PDF995 Monitor\Driver = “pdf995mon.dll” [null data]
-
This report excludes default entries except where indicated.
-
To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
- The search for DESKTOP.INI DLL launch points on all local fixed drives
took 67 seconds.
- The search for all Registry CLSIDs containing dormant Explorer Bars
took 12 seconds.
---------- (total run time: 117 seconds)
Pozdrawiam i bardzo, bardzo dziękuję za dotychczasową pomoc :cmok1:
Marysia