x-kom hosting

Powolne uruchamianie XP

SuchyX
utworzono
utworzono

Witam mam taki problem mianowicie po zainstalowaniu programu Daemon Tools 4.08HE Windwos mi się strasznie długo uruchania nie chodzi mi o pasek wczytywania systemu tylko jak już pulpit sie pojawia to nie moge przez pare dobrych minut nic uruchomić :/ odistalowanie Daemon Tools nic nie pomaga i tak mam nawet jak zainstaluje Alcohol 120% wiecie może jakie te programy włączają proces ??

SuchyX
komentarz
komentarz

OKi takie coś mi pokazało

Logfile of HijackThis v1.99.1

Scan saved at 13:27:40, on 2007-03-11

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSExplorer.EXE

C:WINDOWSsystem32spoolsv.exe

C:Program FilesEsetnod32kui.exe

C:Program FilesCreativeSBAudigy2ZSSurround MixerCTSysVol.exe

C:Program FilesCyberLinkPowerDVDPDVDServ.exe

C:Program FilescFosSpeedcFosSpeed.exe

C:Program FilesLogitechSetPointKEM.exe

E:ProgramyTV DekoderSharingSBCL v1.0gSBCL v1.0g.exe

E:Program Filesyzdock83 VistaYzDock.exe

C:Program FilesLogitechSetPointKHALMNPR.EXE

C:Program FilescFosSpeedspd.exe

C:Program FilesEsetnod32krn.exe

C:WINDOWSsystem32oodag.exe

C:Program FilesCyberLinkShared filesRichVideo.exe

E:Program FilesKomunikatoryTlen.pltlen.exe

C:WINDOWSsystem32wscntfy.exe

C:Program FilesAvant Browseravant.exe

C:Documents and SettingsSuchyXPulpitHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

O4 - HKLM..Run: [nod32kui] "C:Program FilesEsetnod32kui.exe" /WAITSERVICE

O4 - HKLM..Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM..Run: [CTSysVol] C:Program FilesCreativeSBAudigy2ZSSurround MixerCTSysVol.exe /r

O4 - HKLM..Run: [updReg] C:WINDOWSUpdReg.EXE

O4 - HKLM..Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe"

O4 - HKLM..Run: [LanguageShortcut] "C:Program FilesCyberLinkPowerDVDLanguageLanguage.exe"

O4 - HKLM..Run: [cFosSpeed] C:Program FilescFosSpeedcFosSpeed.exe

O4 - HKLM..Run: [MSConfig] C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto

O4 - Startup: SBCL v1.0g.lnk = E:ProgramyTV DekoderSharingSBCL v1.0gSBCL v1.0g.exe

O4 - Startup: YzDock.lnk = E:Program Filesyzdock83 VistaYzDock.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointKEM.exe

O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera - C:Program FilesAvant BrowserAddAllToADBlackList.htm

O8 - Extra context menu item: Dodaj do listy blokowanych reklam - C:Program FilesAvant BrowserAddToADBlackList.htm

O8 - Extra context menu item: Otwórz w nowym Avant Browser - C:Program FilesAvant BrowserOpenInNewBrowser.htm

O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony... - C:Program FilesAvant BrowserOpenAllLinks.htm

O8 - Extra context menu item: Podświetl - C:Program FilesAvant BrowserHighlight.htm

O8 - Extra context menu item: Szukaj - C:Program FilesAvant BrowserSearch.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02binnpjpi150_02.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02binnpjpi150_02.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll

O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe

O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:Program FilescFosSpeedspd.exe" -service (file missing)

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:Program FilesEsetnod32krn.exe

O23 - Service: O&O Defrag - O&O Software GmbH - C:WINDOWSsystem32oodag.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:Program FilesCyberLinkShared filesRichVideo.exe

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:

---------------------------------

HKCUSoftwareMicrosoftWindowsCurrentVersionRun {++}

"(Default)" = "(empty string)" [file not found]

HKLMSoftwareMicrosoftWindowsCurrentVersionRun {++}

"nod32kui" = ""C:Program FilesEsetnod32kui.exe" /WAITSERVICE" ["Eset "]

"CTxfiHlp" = "CTXFIHLP.EXE" ["Creative Technology Ltd"]

"CTSysVol" = "C:Program FilesCreativeSBAudigy2ZSSurround MixerCTSysVol.exe /r" ["Creative Technology Ltd"]

"UpdReg" = "C:WINDOWSUpdReg.EXE" ["Creative Technology Ltd."]

"Logitech Hardware Abstraction Layer" = "KHALMNPR.EXE" ["Logitech Inc."]

"RemoteControl" = ""C:Program FilesCyberLinkPowerDVDPDVDServ.exe"" ["Cyberlink Corp."]

"LanguageShortcut" = ""C:Program FilesCyberLinkPowerDVDLanguageLanguage.exe"" [null data]

"cFosSpeed" = "C:Program FilescFosSpeedcFosSpeed.exe" ["cFos Software GmbH"]

"MSConfig" = "C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto" [MS]

HKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"

-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"

InProcServer32(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

-> {HKLM...CLSID} = "HyperTerminal Icon Ext"

InProcServer32(Default) = "C:WINDOWSsystem32hticons.dll" ["Hilgraeve, Inc."]

"{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "NOD32 Context Menu Shell Extension"

-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"

InProcServer32(Default) = "C:Program FilesEsetnodshex.dll" [null data]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"

-> {HKLM...CLSID} = "SimpleShlExt Class"

InProcServer32(Default) = "C:Program FilesATI TechnologiesATI.ACECore-Staticatiacmxx.dll" [empty string]

"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" = "TuneUp Shredder Shell Extension"

-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"

InProcServer32(Default) = "C:Program FilesTuneUp Utilities 2007SDShelEx-win32.dll" ["TuneUp Software GmbH"]

"{44440D00-FF19-4AFC-B765-9A0970567D97}" = "TuneUp Theme Extension"

-> {HKLM...CLSID} = "TuneUp Theme Extension"

InProcServer32(Default) = "C:WINDOWSsystem32uxtuneup.dll" ["TuneUp Software GmbH"]

HKLMSoftwareMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad

"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

-> {HKLM...CLSID} = "WPDShServiceObj Class"

InProcServer32(Default) = "C:WINDOWSsystem32WPDShServiceObj.dll" [MS]

HKLMSystemCurrentControlSetControlSession Manager

<<!>> "BootExecute" = "autocheck autochk *"|"OODBS" ["O&O Software GmbH"]

HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogonNotify

<<!>> AtiExtEventDLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]

HKLMSoftwareClasses*shellexContextMenuHandlers

NOD32 Context Menu Shell Extension(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"

-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"

InProcServer32(Default) = "C:Program FilesEsetnodshex.dll" [null data]

TuneUp Shredder Shell Extension(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"

-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"

InProcServer32(Default) = "C:Program FilesTuneUp Utilities 2007SDShelEx-win32.dll" ["TuneUp Software GmbH"]

WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

HKLMSoftwareClassesDirectoryshellexContextMenuHandlers

TuneUp Shredder Shell Extension(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"

-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"

InProcServer32(Default) = "C:Program FilesTuneUp Utilities 2007SDShelEx-win32.dll" ["TuneUp Software GmbH"]

WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

HKLMSoftwareClassesFoldershellexContextMenuHandlers

NOD32 Context Menu Shell Extension(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"

-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"

InProcServer32(Default) = "C:Program FilesEsetnodshex.dll" [null data]

WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------

Note: detected settings may not have any effect.

HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:

-----------------------------

Active Desktop may be disabled at this entry:

HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCUSoftwareMicrosoftInternet ExplorerDesktopGeneral

"Wallpaper" = "C:WINDOWSsystem32configsystemprofileUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCUControl PanelDesktop

"Wallpaper" = "C:Documents and SettingsSuchyXUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp"

Startup items in "SuchyX" & "All Users" startup folders:

--------------------------------------------------------

C:Documents and SettingsSuchyXMenu StartProgramyAutostart

"SBCL v1.0g" -> shortcut to: "E:ProgramyTV DekoderSharingSBCL v1.0gSBCL v1.0g.exe" [null data]

"YzDock" -> shortcut to: "E:Program Filesyzdock83 VistaYzDock.exe" ["Y'z@Home"]

C:Documents and SettingsAll UsersMenu StartProgramyAutostart

"Logitech SetPoint" -> shortcut to: "C:Program FilesLogitechSetPointKEM.exe" ["Logitech Inc."]

Enabled Scheduled Tasks:

------------------------

"1-Click Maintenance" -> launches: "C:Program FilesTuneUp Utilities 2007SystemOptimizer.exe /schedulestart" ["TuneUp Software GmbH"]

Winsock2 Service Provider DLLs:

-------------------------------

Namespace Service Providers

HKLMSystemCurrentControlSetServicesWinsock2ParametersNameSpace_Catalog5Catalog_E

tries {++}

000000000001LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]

000000000002LibraryPath = "%SystemRoot%System32winrnr.dll" [MS]

000000000003LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]

Transport Service Providers

HKLMSystemCurrentControlSetServicesWinsock2ParametersProtocol_Catalog9Catalog_En

ries {++}

0000000000##PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

imon.dll ["Eset "], 01 - 05, 11

%SystemRoot%system32mswsock.dll [MS], 06 - 08, 12 - 21

%SystemRoot%system32rsvpsp.dll [MS], 09 - 10

Toolbars, Explorer Bars, Extensions:

------------------------------------

Extensions (Tools menu items, main toolbar menu buttons)

HKLMSoftwareMicrosoftInternet ExplorerExtensions

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}

"MenuText" = "Sun Java Console"

"CLSIDExtension" = "{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}"

-> {HKLM...CLSID} = "Java Plug-in 1.5.0_02"

InProcServer32(Default) = "C:Program FilesJavajre1.5.0_02binnpjpi150_02.dll" ["Sun Microsystems, Inc."]

{E2E2DD38-D088-4134-82B7-F2BA38496583}

"MenuText" = "@xpsp3res.dll,-20001"

"Exec" = "%windir%Network Diagnosticxpnetdiag.exe" [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:Program FilesMessengermsmsgs.exe" [MS]

Miscellaneous IE Hijack Points

------------------------------

HKLMSoftwareMicrosoftInternet ExplorerAboutURLs

<<H>> "TuneUp" = "file://C|/Documents and Settings/All Users/Dane aplikacji/TuneUp Software/Common/base.css" [file not found]

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, "C:WINDOWSsystem32Ati2evxx.exe" ["ATI Technologies Inc."]

cFosSpeed System Service, cFosSpeedS, ""C:Program FilescFosSpeedspd.exe" -service" ["cFos Software GmbH"]

Cyberlink RichVideo Service(CRVS), RichVideo, ""C:Program FilesCyberLinkShared filesRichVideo.exe"" [empty string]

NOD32 Kernel Service, NOD32krn, ""C:Program FilesEsetnod32krn.exe"" ["Eset "]

O&O Defrag, O&O Defrag, "C:WINDOWSsystem32oodag.exe" ["O&O Software GmbH"]

TuneUp Design Expansion, UxTuneUp, "C:WINDOWSSystem32svchost.exe -k netsvcs" {"C:WINDOWSSystem32uxtuneup.dll" ["TuneUp Software GmbH"]}

----------

<<!>>: Suspicious data at a malware launch point.

<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

+ The search for DESKTOP.INI DLL launch points on all local fixed drives

took 9 seconds.

---------- (total run time: 40 seconds)

Aqui
komentarz
komentarz

Otwórz notatnik i wklej w nim

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession Manager]

"BootExecute"=hex(7):61,00,75,00,74,00,6f,00,63,00,68,00,65,00,63,00,6b,00,20,

00,61,00,75,00,74,00,6f,00,63,00,68,00,6b,00,20,00,2a,00,00,00,00,00

Plik-->zapisz jako-->zmien rozszerzenie z txt na wszystkie pliki i zapisz pod nazwa FIX.REG kliknij 2 razy na powstaly fix i dodaj go do rejestru

Przejrzyj temat o optymalizacji.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.