SuchyX utworzono 11 marca 2007 utworzono 11 marca 2007 Witam mam taki problem mianowicie po zainstalowaniu programu Daemon Tools 4.08HE Windwos mi się strasznie długo uruchania nie chodzi mi o pasek wczytywania systemu tylko jak już pulpit sie pojawia to nie moge przez pare dobrych minut nic uruchomić :/ odistalowanie Daemon Tools nic nie pomaga i tak mam nawet jak zainstaluje Alcohol 120% wiecie może jakie te programy włączają proces ??
Aqui komentarz 11 marca 2007 komentarz 11 marca 2007 Wklej logi z Hijackthis i Silentrunners. opis--> http://www.pcboard.pl/viewtopic.php?t=13 Przejrzyj rowniez temat Optymalizacja ustawień Windowsa XP Szczegolnie punkt 17.
SuchyX komentarz 11 marca 2007 Autor komentarz 11 marca 2007 OKi takie coś mi pokazało Logfile of HijackThis v1.99.1 Scan saved at 13:27:40, on 2007-03-11 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32spoolsv.exe C:Program FilesEsetnod32kui.exe C:Program FilesCreativeSBAudigy2ZSSurround MixerCTSysVol.exe C:Program FilesCyberLinkPowerDVDPDVDServ.exe C:Program FilescFosSpeedcFosSpeed.exe C:Program FilesLogitechSetPointKEM.exe E:ProgramyTV DekoderSharingSBCL v1.0gSBCL v1.0g.exe E:Program Filesyzdock83 VistaYzDock.exe C:Program FilesLogitechSetPointKHALMNPR.EXE C:Program FilescFosSpeedspd.exe C:Program FilesEsetnod32krn.exe C:WINDOWSsystem32oodag.exe C:Program FilesCyberLinkShared filesRichVideo.exe E:Program FilesKomunikatoryTlen.pltlen.exe C:WINDOWSsystem32wscntfy.exe C:Program FilesAvant Browseravant.exe C:Documents and SettingsSuchyXPulpitHijackThis.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza O4 - HKLM..Run: [nod32kui] "C:Program FilesEsetnod32kui.exe" /WAITSERVICE O4 - HKLM..Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM..Run: [CTSysVol] C:Program FilesCreativeSBAudigy2ZSSurround MixerCTSysVol.exe /r O4 - HKLM..Run: [updReg] C:WINDOWSUpdReg.EXE O4 - HKLM..Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe" O4 - HKLM..Run: [LanguageShortcut] "C:Program FilesCyberLinkPowerDVDLanguageLanguage.exe" O4 - HKLM..Run: [cFosSpeed] C:Program FilescFosSpeedcFosSpeed.exe O4 - HKLM..Run: [MSConfig] C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto O4 - Startup: SBCL v1.0g.lnk = E:ProgramyTV DekoderSharingSBCL v1.0gSBCL v1.0g.exe O4 - Startup: YzDock.lnk = E:Program Filesyzdock83 VistaYzDock.exe O4 - Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointKEM.exe O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera - C:Program FilesAvant BrowserAddAllToADBlackList.htm O8 - Extra context menu item: Dodaj do listy blokowanych reklam - C:Program FilesAvant BrowserAddToADBlackList.htm O8 - Extra context menu item: Otwórz w nowym Avant Browser - C:Program FilesAvant BrowserOpenInNewBrowser.htm O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony... - C:Program FilesAvant BrowserOpenAllLinks.htm O8 - Extra context menu item: Podświetl - C:Program FilesAvant BrowserHighlight.htm O8 - Extra context menu item: Szukaj - C:Program FilesAvant BrowserSearch.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02binnpjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02binnpjpi150_02.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:Program FilescFosSpeedspd.exe" -service (file missing) O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:Program FilesEsetnod32krn.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:WINDOWSsystem32oodag.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:Program FilesCyberLinkShared filesRichVideo.exe "Silent Runners.vbs", revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCUSoftwareMicrosoftWindowsCurrentVersionRun {++} "(Default)" = "(empty string)" [file not found] HKLMSoftwareMicrosoftWindowsCurrentVersionRun {++} "nod32kui" = ""C:Program FilesEsetnod32kui.exe" /WAITSERVICE" ["Eset "] "CTxfiHlp" = "CTXFIHLP.EXE" ["Creative Technology Ltd"] "CTSysVol" = "C:Program FilesCreativeSBAudigy2ZSSurround MixerCTSysVol.exe /r" ["Creative Technology Ltd"] "UpdReg" = "C:WINDOWSUpdReg.EXE" ["Creative Technology Ltd."] "Logitech Hardware Abstraction Layer" = "KHALMNPR.EXE" ["Logitech Inc."] "RemoteControl" = ""C:Program FilesCyberLinkPowerDVDPDVDServ.exe"" ["Cyberlink Corp."] "LanguageShortcut" = ""C:Program FilesCyberLinkPowerDVDLanguageLanguage.exe"" [null data] "cFosSpeed" = "C:Program FilescFosSpeedcFosSpeed.exe" ["cFos Software GmbH"] "MSConfig" = "C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto" [MS] HKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania" -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania" InProcServer32(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" InProcServer32(Default) = "C:WINDOWSsystem32hticons.dll" ["Hilgraeve, Inc."] "{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "NOD32 Context Menu Shell Extension" -> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension" InProcServer32(Default) = "C:Program FilesEsetnodshex.dll" [null data] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data] "{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension" -> {HKLM...CLSID} = "SimpleShlExt Class" InProcServer32(Default) = "C:Program FilesATI TechnologiesATI.ACECore-Staticatiacmxx.dll" [empty string] "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" = "TuneUp Shredder Shell Extension" -> {HKLM...CLSID} = "TuneUp Shredder Shell Extension" InProcServer32(Default) = "C:Program FilesTuneUp Utilities 2007SDShelEx-win32.dll" ["TuneUp Software GmbH"] "{44440D00-FF19-4AFC-B765-9A0970567D97}" = "TuneUp Theme Extension" -> {HKLM...CLSID} = "TuneUp Theme Extension" InProcServer32(Default) = "C:WINDOWSsystem32uxtuneup.dll" ["TuneUp Software GmbH"] HKLMSoftwareMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad "WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" -> {HKLM...CLSID} = "WPDShServiceObj Class" InProcServer32(Default) = "C:WINDOWSsystem32WPDShServiceObj.dll" [MS] HKLMSystemCurrentControlSetControlSession Manager <<!>> "BootExecute" = "autocheck autochk *"|"OODBS" ["O&O Software GmbH"] HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogonNotify <<!>> AtiExtEventDLLName = "Ati2evxx.dll" ["ATI Technologies Inc."] HKLMSoftwareClasses*shellexContextMenuHandlers NOD32 Context Menu Shell Extension(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}" -> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension" InProcServer32(Default) = "C:Program FilesEsetnodshex.dll" [null data] TuneUp Shredder Shell Extension(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" -> {HKLM...CLSID} = "TuneUp Shredder Shell Extension" InProcServer32(Default) = "C:Program FilesTuneUp Utilities 2007SDShelEx-win32.dll" ["TuneUp Software GmbH"] WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data] HKLMSoftwareClassesDirectoryshellexContextMenuHandlers TuneUp Shredder Shell Extension(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" -> {HKLM...CLSID} = "TuneUp Shredder Shell Extension" InProcServer32(Default) = "C:Program FilesTuneUp Utilities 2007SDShelEx-win32.dll" ["TuneUp Software GmbH"] WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data] HKLMSoftwareClassesFoldershellexContextMenuHandlers NOD32 Context Menu Shell Extension(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}" -> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension" InProcServer32(Default) = "C:Program FilesEsetnodshex.dll" [null data] WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCUSoftwareMicrosoftInternet ExplorerDesktopGeneral "Wallpaper" = "C:WINDOWSsystem32configsystemprofileUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCUControl PanelDesktop "Wallpaper" = "C:Documents and SettingsSuchyXUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp" Startup items in "SuchyX" & "All Users" startup folders: -------------------------------------------------------- C:Documents and SettingsSuchyXMenu StartProgramyAutostart "SBCL v1.0g" -> shortcut to: "E:ProgramyTV DekoderSharingSBCL v1.0gSBCL v1.0g.exe" [null data] "YzDock" -> shortcut to: "E:Program Filesyzdock83 VistaYzDock.exe" ["Y'z@Home"] C:Documents and SettingsAll UsersMenu StartProgramyAutostart "Logitech SetPoint" -> shortcut to: "C:Program FilesLogitechSetPointKEM.exe" ["Logitech Inc."] Enabled Scheduled Tasks: ------------------------ "1-Click Maintenance" -> launches: "C:Program FilesTuneUp Utilities 2007SystemOptimizer.exe /schedulestart" ["TuneUp Software GmbH"] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLMSystemCurrentControlSetServicesWinsock2ParametersNameSpace_Catalog5Catalog_E tries {++} 000000000001LibraryPath = "%SystemRoot%System32mswsock.dll" [MS] 000000000002LibraryPath = "%SystemRoot%System32winrnr.dll" [MS] 000000000003LibraryPath = "%SystemRoot%System32mswsock.dll" [MS] Transport Service Providers HKLMSystemCurrentControlSetServicesWinsock2ParametersProtocol_Catalog9Catalog_En ries {++} 0000000000##PackedCatalogItem (contains) DLL [Company Name], (at) ## range: imon.dll ["Eset "], 01 - 05, 11 %SystemRoot%system32mswsock.dll [MS], 06 - 08, 12 - 21 %SystemRoot%system32rsvpsp.dll [MS], 09 - 10 Toolbars, Explorer Bars, Extensions: ------------------------------------ Extensions (Tools menu items, main toolbar menu buttons) HKLMSoftwareMicrosoftInternet ExplorerExtensions {08B0E5C0-4FCB-11CF-AAA5-00401C608501} "MenuText" = "Sun Java Console" "CLSIDExtension" = "{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}" -> {HKLM...CLSID} = "Java Plug-in 1.5.0_02" InProcServer32(Default) = "C:Program FilesJavajre1.5.0_02binnpjpi150_02.dll" ["Sun Microsystems, Inc."] {E2E2DD38-D088-4134-82B7-F2BA38496583} "MenuText" = "@xpsp3res.dll,-20001" "Exec" = "%windir%Network Diagnosticxpnetdiag.exe" [MS] {FB5F1910-F110-11D2-BB9E-00C04F795683} "ButtonText" = "Messenger" "MenuText" = "Windows Messenger" "Exec" = "C:Program FilesMessengermsmsgs.exe" [MS] Miscellaneous IE Hijack Points ------------------------------ HKLMSoftwareMicrosoftInternet ExplorerAboutURLs <<H>> "TuneUp" = "file://C|/Documents and Settings/All Users/Dane aplikacji/TuneUp Software/Common/base.css" [file not found] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Ati HotKey Poller, Ati HotKey Poller, "C:WINDOWSsystem32Ati2evxx.exe" ["ATI Technologies Inc."] cFosSpeed System Service, cFosSpeedS, ""C:Program FilescFosSpeedspd.exe" -service" ["cFos Software GmbH"] Cyberlink RichVideo Service(CRVS), RichVideo, ""C:Program FilesCyberLinkShared filesRichVideo.exe"" [empty string] NOD32 Kernel Service, NOD32krn, ""C:Program FilesEsetnod32krn.exe"" ["Eset "] O&O Defrag, O&O Defrag, "C:WINDOWSsystem32oodag.exe" ["O&O Software GmbH"] TuneUp Design Expansion, UxTuneUp, "C:WINDOWSSystem32svchost.exe -k netsvcs" {"C:WINDOWSSystem32uxtuneup.dll" ["TuneUp Software GmbH"]} ---------- <<!>>: Suspicious data at a malware launch point. <<H>>: Suspicious data at a browser hijack point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 9 seconds. ---------- (total run time: 40 seconds)
Aqui komentarz 11 marca 2007 komentarz 11 marca 2007 Otwórz notatnik i wklej w nim Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession Manager] "BootExecute"=hex(7):61,00,75,00,74,00,6f,00,63,00,68,00,65,00,63,00,6b,00,20, 00,61,00,75,00,74,00,6f,00,63,00,68,00,6b,00,20,00,2a,00,00,00,00,00 Plik-->zapisz jako-->zmien rozszerzenie z txt na wszystkie pliki i zapisz pod nazwa FIX.REG kliknij 2 razy na powstaly fix i dodaj go do rejestru Przejrzyj temat o optymalizacji.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.