CentrumXP Forum Tematyka portalu CentrumXP.pl Windows XP Usługa udostepniania internetu - problem z włączeniem - błąd 123

Usługa udostepniania internetu - problem z włączeniem - błąd 123

Od wczoraj podczas uruchamiania systemu nie włącza sie usluga "zapora...." nie moge jej wlaczyc recznie gdyz wyskakuje bląd:



w dzinniku widnieje taki zapis:

------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Typ zdarzenia: Błąd
Źródło zdarzenia: Service Control Manager
Kategoria zdarzenia: Brak
Identyfikator zdarzenia: 7000
Data: 2007-02-08
Godzina: 13:29:51
Użytkownik: Brak
Komputer: HOME
Opis:
Nie można uruchomić usługi Zapora połączenia internetowego / Udostępnianie połączenia internetowego z powodu następującego błędu:
Nazwa pliku, nazwa katalogu lub składnia etykiety woluminu jest niepoprawna.

Aby znaleźć więcej informacji, zobacz http://go.microsoft.com/fwlink/events.asp w Centrum pomocy i obsługi technicznej.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Bede wdzieczny za pomoc.

Odpowiedzi: 1

W tym dziale, w FAQ Bobi zamieścił fixa na rozwaloną usługę SharedAccess (na samym końcu przy okazji komunikatu "Z powodu nieznanego błędu ... ") - ściągnij go, scal z rejestrem, zrestartuj system. Sprawdź czy zadziała. Jeżeli Ci przeszkadzają angielskie nazwy i obisy usługi to wyedytuj sobie tego rega i wytnij linijki dotyczące "Description" i "DisplayName"
Żółty
Dodano
08.02.2007 19:53:29
  • deshu 08.02.2007 23:57:27

    Bylo ok, <STRONG>ALE </STRONG>po restarcie systemu usluga<STRONG> ZNIKNELA </STRONG>z listy uslug. Licze na dalsza pomoc.

  • Żółty 09.02.2007 00:01:18

    <P>Usługe ponownie przywróć fixem.</P> <P>Pokaż też logi - HijackThis, SilentRunners i Smitfraudfix (ściągasz, rozpakowujesz, uruchamiasz smitfraudfix.cmd i z opcji 1 - Search robisz loga).</P>

  • deshu 09.02.2007 00:16:29

    ponownie dodanie kluczy fixxem nie przywraca uslugi, nadal nie ma jej na liscie<BR><BR>----------------------------------------------------------------------------------<BR>SmitFraudFix v2.141<BR><BR>Scan done at 23:16:44,01, 2007-02-08<BR>Run from C:\Documents and Settings\Grzelu\Pulpit\SmitfraudFix<BR>OS: Microsoft Windows XP [Wersja 5.1.2600] - Windows_NT<BR>The filesystem type is NTFS<BR>Fix run in normal mode<BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» hosts<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» C:\<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Grzelu<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Grzelu\Application Data<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» Start Menu<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Grzelu\Ulubione<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» Desktop<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files <BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components<BR> [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]<BR>"Source"="About:Home"<BR>"SubscribedURL"="About:Home"<BR>"FriendlyName"="Moja bieľĄca strona gˆ˘wna"<BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler<BR>!!!Attention, following keys are not inevitably infected!!!<BR><BR>SrchSTS.exe by S!Ri<BR>Search SharedTaskScheduler's .dll<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs<BR>!!!Attention, following keys are not inevitably infected!!!<BR><BR>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]<BR>"AppInit_DLLs"=""<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System<BR>!!!Attention, following keys are not inevitably infected!!!<BR><BR>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]<BR>"System"=""<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection<BR><BR><BR>»»»»»»»»»»»»»»»»»»»»»»»» End<BR><BR><BR>----------------------------------------------------------------------------------<BR><BR>Logfile of HijackThis v1.99.1<BR>Scan saved at 23:21:27, on 2007-02-08<BR>Platform: Windows XP (WinNT 5.01.2600)<BR>MSIE: Internet Explorer v6.00 (6.00.2600.0000)<BR><BR>Running processes:<BR>C:\WINDOWS\System32\smss.exe<BR>C:\WINDOWS\system32\winlogon.exe<BR>C:\WINDOWS\system32\services.exe<BR>C:\WINDOWS\system32\lsass.exe<BR>C:\WINDOWS\system32\svchost.exe<BR>C:\WINDOWS\System32\svchost.exe<BR>C:\WINDOWS\system32\spoolsv.exe<BR>C:\WINDOWS\Explorer.EXE<BR>C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe<BR>C:\Program Files\Eset\nod32kui.exe<BR>C:\WINDOWS\System32\ctfmon.exe<BR>C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe<BR>C:\Program Files\Xfire\Xfire.exe<BR>C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe<BR>C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe<BR>C:\Program Files\Eset\nod32krn.exe<BR>C:\WINDOWS\System32\nvsvc32.exe<BR>C:\Program Files\Opera\Opera.exe<BR>C:\WINDOWS\System32\WScript.exe<BR>C:\WINDOWS\System32\WScript.exe<BR>C:\WINDOWS\System32\WScript.exe<BR>C:\Documents and Settings\Grzelu\Pulpit\hijackthis1.99.1\HijackThis.exe<BR><BR>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = <BR>R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza<BR>R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)<BR>O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll<BR>O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll<BR>O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll<BR>O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll<BR>O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll<BR>O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll<BR>O3 - Toolbar: &amp;Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx<BR>O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"<BR>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"<BR>O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime<BR>O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup<BR>O4 - HKLM\..\Run: [nwiz] nwiz.exe /install<BR>O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE<BR>O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice<BR>O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup<BR>O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit<BR>O4 - HKLM\..\Run: [Msn Windows Joiner] msnwin.exe<BR>O4 - HKLM\..\RunServices: [Msn Windows Joiner] msnwin.exe<BR>O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe<BR>O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe<BR>O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe<BR>O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe<BR>O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe<BR>O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE<BR>O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1<BR>O8 - Extra context menu item: &amp;Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm<BR>O8 - Extra context menu item: &amp;Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm<BR>O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm<BR>O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm<BR>O8 - Extra context menu item: Download link using &amp;BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm<BR>O8 - Extra context menu item: E&amp;xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000<BR>O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll<BR>O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll<BR>O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<BR>O9 - Extra 'Tools' menuitem: Show &amp;Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<BR>O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe<BR>O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe<BR>O17 - HKLM\System\CCS\Services\Tcpip\..\{A68941E4-AE48-487B-99BC-F015EFB7C0A8}: NameServer = 194.204.152.34<BR>O17 - HKLM\System\CCS\Services\Tcpip\..\{DC0E032F-ADC5-4CD4-9178-1205F552CCDD}: NameServer = 194.204.152.34<BR>O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe<BR>O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe<BR>O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe<BR>O23 - Service: License Management Service ESD - Unknown owner - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe<BR>O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe<BR>O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe<BR>O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe<BR>O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\System32\UTSCSI.EXE<BR><BR>--------------------------------<BR><BR><BR>Dodam tez ze reinstal sys nic nie pomogl.<BR><BR><BR>log z silentrunera jutro,d zis juz nie daje rady<BR><BR><BR><BR>

  • Żółty 09.02.2007 00:52:07

    <P><BLOCKQUOTE><div><img src="http://portal.centrumxp.pl/Themes/default/images/icon-quote.gif"> <strong>deshu:</strong></div><div>ponownie dodanie kluczy fixxem nie przywraca uslugi,&nbsp;nadal&nbsp;nie&nbsp;ma&nbsp;jej&nbsp;na&nbsp;liscie</div></BLOCKQUOTE></P> <P>Ale - szukasz jej pod polska nazwą czy angielską ?? Bo jak nie zmienileś to .... &nbsp;</P> <P>Kosmetycznie ciachnij - pozostałość po sofcie neostradowym.&nbsp;</P> <P><BLOCKQUOTE><div>R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)</div></BLOCKQUOTE></P> <P><BR>&nbsp;</P> <P>Jest i syfek.&nbsp;Wpisy do fixa. Plik do odszukania i wywalenia.</P> <P><BLOCKQUOTE><div>O4 - HKLM\..\Run: [Msn Windows Joiner] msnwin.exe<BR>O4 - HKLM\..\RunServices: [Msn Windows Joiner] msnwin.exe</div></BLOCKQUOTE><BR></P> <P>Coś Ci nałozyło restrykcje&nbsp;na uruchamianie edytora rejestru.&nbsp;</P> <P><BLOCKQUOTE><div>O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1</div></BLOCKQUOTE></P> <P><BR>&nbsp;</P> <P>Od ręki napisz - jakieś skrypy uruchamialeś w czasie robienia loga Hijacka ?? Bo trzy instancje systemowego hosta skryptów na liście procesów widnieją.</P> <P><BLOCKQUOTE><div>C:\WINDOWS\System32\WScript.exe<BR>C:\WINDOWS\System32\WScript.exe<BR>C:\WINDOWS\System32\WScript.exe</div></BLOCKQUOTE></P>

  • deshu 09.02.2007 11:36:08

    Po pierwsze wpis z silenta:<BR><BR>"Silent Runners.vbs", revision R50, http://www.silentrunners.org/<BR>Operating System: Windows XP<BR>Output limited to non-default values, except where indicated by "{++}"<BR><BR><BR>Startup items buried in registry:<BR>---------------------------------<BR><BR>HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}<BR>"CTFMON.EXE" = "C:\WINDOWS\System32\ctfmon.exe" [MS]<BR>"Komunikator" = "C:\Program Files\Tlen.pl\tlen.exe" ["o2.pl Sp. z o.o."]<BR>"Steam" = "(empty string)" [file not found]<BR><BR>HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}<BR>"NVMixerTray" = ""C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"" ["NVIDIA Corporation"]<BR>"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"" [file not found]<BR>"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]<BR>"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup" [MS]<BR>"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]<BR>"nod32kui" = ""C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE" ["Eset "]<BR>"Outpost Firewall" = "C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice" ["Agnitum Ltd."]<BR>"OutpostFeedBack" = "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup" ["Agnitum Ltd."]<BR>"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit" [MS]<BR>"Msn Windows Joiner" = "msnwin.exe" [file not found]<BR><BR>HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\<BR>{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)<BR> -&gt; {HKLM...CLSID} = "AcroIEHlprObj Class"<BR> \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]<BR>{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}\(Default) = "flashget urlcatch"<BR> -&gt; {HKLM...CLSID} = "FGCatchUrl"<BR> \InProcServer32\(Default) = "C:\Program Files\FlashGet\jccatch.dll" ["www.flashget.com"]<BR>{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\(Default) = "BitComet ClickCapture"<BR> -&gt; {HKLM...CLSID} = "BitComet Helper"<BR> \InProcServer32\(Default) = "C:\Program Files\BitComet\tools\BitCometBHO.dll" ["BitComet"]<BR>{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)<BR> -&gt; {HKLM...CLSID} = "SSVHelper Class"<BR> \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll" ["Sun Microsystems, Inc."]<BR>{F156768E-81EF-470C-9057-481BA8380DBA}\(Default) = (no title provided)<BR> -&gt; {HKLM...CLSID} = "FlashGet GetFlash Class"<BR> \InProcServer32\(Default) = "C:\Program Files\FlashGet\getflash.dll" ["www.flashget.com"]<BR><BR>HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\<BR>"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"<BR> -&gt; {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"<BR> \InProcServer32\(Default) = "deskpan.dll" [file not found]<BR>"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"<BR> -&gt; {HKLM...CLSID} = "HyperTerminal Icon Ext"<BR> \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]<BR>"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"<BR> -&gt; {HKLM...CLSID} = "Portable Media Devices Menu"<BR> \InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]<BR>"{8FF88D21-7BD0-11D1-BFB7-00AA00262A11}" = "WinAce Archiver 2.5 Context Menu Shell Extension"<BR> -&gt; {HKLM...CLSID} = "WinAceContext Menu Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\WinAce\arcext.dll" ["e-merge GmbH"]<BR>"{8FF88D25-7BD0-11D1-BFB7-00AA00262A11}" = "WinAce Archiver 2.5 DragDrop Shell Extension"<BR> -&gt; {HKLM...CLSID} = "WinAceDrag-Drop Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\WinAce\arcext.dll" ["e-merge GmbH"]<BR>"{8FF88D27-7BD0-11D1-BFB7-00AA00262A11}" = "WinAce Archiver 2.5 Context Menu Shell Extension"<BR> -&gt; {HKLM...CLSID} = "WinAceContext Menu (Add) Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\WinAce\arcext.dll" ["e-merge GmbH"]<BR>"{8FF88D23-7BD0-11D1-BFB7-00AA00262A11}" = "WinAce Archiver 2.5 Property Sheet Shell Extension"<BR> -&gt; {HKLM...CLSID} = "WinAceProperty Sheet Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\WinAce\arcext.dll" ["e-merge GmbH"]<BR>"{0f0a4d40-adf0-4e8f-98d8-7208b98be01e}" = "ImageShack QuickLoad Image Uploader"<BR> -&gt; {HKCU...CLSID} = "QuickLoad.QuickLoadContextMenu"<BR> \InProcServer32\(Default) = "C:\WINDOWS\System32\mscoree.DLL" [MS]<BR>"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"<BR> -&gt; {HKLM...CLSID} = "Outlook File Icon Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]<BR>"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"<BR> -&gt; {HKLM...CLSID} = (no title provided)<BR> \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]<BR>"{6DEA92E9-8682-4b6a-97DE-354772FE5727}" = "Autodesk DWF Preview"<BR> -&gt; {HKLM...CLSID} = "ACDWFTHMBPRXY"<BR> \InProcServer32\(Default) = "C:\Program Files\Common Files\Autodesk Shared\AcDwfThmbPrxy16.dll" ["Autodesk"]<BR>"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"<BR> -&gt; {HKLM...CLSID} = "DesktopContext Class"<BR> \InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]<BR>"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"<BR> -&gt; {HKLM...CLSID} = "Desktop Explorer"<BR> \InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]<BR>"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"<BR> -&gt; {HKLM...CLSID} = (no title provided)<BR> \InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]<BR>"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"<BR> -&gt; {HKLM...CLSID} = "nView Desktop Context Menu"<BR> \InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]<BR>"{23170F69-40C1-278A-1000-000100020000}" = "7-Zip Shell Extension"<BR> -&gt; {HKLM...CLSID} = "7-Zip Shell Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]<BR>"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"<BR> -&gt; {HKLM...CLSID} = "AlcoholShellEx"<BR> \InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\axshlex.dll" ["Alcohol Soft Development Team"]<BR>"{00020000-0000-1011-8004-0000C06B5161}" = "WIBU-SYSTEMS Shell Extension"<BR> -&gt; {HKLM...CLSID} = "WIBU-SYSTEMS Shell Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\WIBU-SYSTEMS\System\WibuShellExt.dll" ["WIBU-SYSTEMS AG"]<BR>"{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "NOD32 Context Menu Shell Extension"<BR> -&gt; {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]<BR>"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"<BR> -&gt; {HKLM...CLSID} = "NVIDIA CPL Extension"<BR> \InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]<BR><BR>HKLM\Software\Classes\Folder\shellex\ColumnHandlers\<BR>{00020000-0000-1011-8004-0000C06B5161}\(Default) = (no title provided)<BR> -&gt; {HKLM...CLSID} = "WIBU-SYSTEMS Shell Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\WIBU-SYSTEMS\System\WibuShellExt.dll" ["WIBU-SYSTEMS AG"]<BR>{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"<BR> -&gt; {HKLM...CLSID} = "PDF Shell Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]<BR><BR>HKLM\Software\Classes\*\shellex\ContextMenuHandlers\<BR>7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"<BR> -&gt; {HKLM...CLSID} = "7-Zip Shell Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]<BR>NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"<BR> -&gt; {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]<BR>ZFAdd\(Default) = "{8FF88D27-7BD0-11D1-BFB7-00AA00262A11}"<BR> -&gt; {HKLM...CLSID} = "WinAceContext Menu (Add) Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\WinAce\arcext.dll" ["e-merge GmbH"]<BR><BR>HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\<BR>7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"<BR> -&gt; {HKLM...CLSID} = "7-Zip Shell Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]<BR>ZFAdd\(Default) = "{8FF88D27-7BD0-11D1-BFB7-00AA00262A11}"<BR> -&gt; {HKLM...CLSID} = "WinAceContext Menu (Add) Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\WinAce\arcext.dll" ["e-merge GmbH"]<BR><BR>HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\<BR>NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"<BR> -&gt; {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"<BR> \InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]<BR><BR><BR>Group Policies {GPedit.msc branch and setting}:<BR>-----------------------------------------------<BR><BR>Note: detected settings may not have any effect.<BR><BR>HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\<BR><BR>"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001<BR>{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|<BR>Shutdown: Allow system to be shut down without having to log on}<BR><BR>"undockwithoutlogon" = (REG_DWORD) hex:0x00000001<BR>{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|<BR>Devices: Allow undock without having to log on}<BR><BR>"DisableTaskMgr" = (REG_DWORD) hex:0x00000001<BR>{unrecognized setting}<BR><BR>"DisableRegistryTools" = (REG_DWORD) hex:0x00000001<BR>{unrecognized setting}<BR><BR>HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore\<BR><BR>"DisableConfig" = (REG_DWORD) hex:0x00000001<BR>{Computer Configuration|Administrative Templates|System|System Restore|<BR>Turn off Configuration}<BR><BR>"DisableSR" = (REG_DWORD) hex:0x00000001<BR>{Computer Configuration|Administrative Templates|System|System Restore|<BR>Turn off System Restore}<BR><BR><BR>Active Desktop and Wallpaper:<BR>-----------------------------<BR><BR>Active Desktop may be disabled at this entry:<BR>HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState<BR><BR>Displayed if Active Desktop enabled and wallpaper not set by Group Policy:<BR>HKCU\Software\Microsoft\Internet Explorer\Desktop\General\<BR>"Wallpaper" = "D:\tapety avatary itp\GN.bmp"<BR><BR>Displayed if Active Desktop disabled and wallpaper not set by Group Policy:<BR>HKCU\Control Panel\Desktop\<BR>"Wallpaper" = "D:\tapety avatary itp\GN.bmp"<BR><BR><BR>Enabled Screen Saver:<BR>---------------------<BR><BR>HKCU\Control Panel\Desktop\<BR>"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]<BR><BR><BR>Startup items in "Grzelu" &amp; "All Users" startup folders:<BR>--------------------------------------------------------<BR><BR>C:\Documents and Settings\Grzelu\Menu Start\Programy\Autostart<BR>"Xfire" -&gt; shortcut to: "C:\Program Files\Xfire\Xfire.exe" ["Xfire Inc."]<BR><BR>C:\Documents and Settings\All Users\Menu Start\Programy\Autostart<BR>"Adobe Reader Speed Launch" -&gt; shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]<BR>"DSLMON" -&gt; shortcut to: "C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe" [empty string]<BR>"Microsoft Office" -&gt; shortcut to: "C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l" [MS]<BR><BR><BR>Winsock2 Service Provider DLLs:<BR>-------------------------------<BR><BR>Namespace Service Providers<BR><BR>HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}<BR>000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]<BR>000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]<BR>000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]<BR>000000000004\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS]<BR><BR>Transport Service Providers<BR><BR>HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}<BR>0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:<BR>C:\WINDOWS\System32\imon.dll ["Eset "], 01 - 05, 16<BR>%SystemRoot%\system32\mswsock.dll [MS], 06 - 08, 11 - 15, 17 - 28<BR>%SystemRoot%\system32\rsvpsp.dll [MS], 09 - 10<BR><BR><BR>Toolbars, Explorer Bars, Extensions:<BR>------------------------------------<BR><BR>Toolbars<BR><BR>HKLM\Software\Microsoft\Internet Explorer\Toolbar\<BR>"{E0E899AB-F487-11D5-8D29-0050BA6940E3}" = "FlashGet"<BR> -&gt; {HKLM...CLSID} = "FlashGet"<BR> \InProcServer32\(Default) = "C:\Program Files\FlashGet\fgiebar.dll" ["Amaze Soft"]<BR><BR>Extensions (Tools menu items, main toolbar menu buttons)<BR><BR>HKLM\Software\Microsoft\Internet Explorer\Extensions\<BR>{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\<BR>"MenuText" = "Sun Java Console"<BR>"CLSIDExtension" = "{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}"<BR> -&gt; {HKCU...CLSID} = "Java Plug-in 1.5.0_09"<BR> \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll" ["Sun Microsystems, Inc."]<BR> -&gt; {HKLM...CLSID} = "Java Plug-in 1.5.0_09"<BR> \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll" ["Sun Microsystems, Inc."]<BR><BR>{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}\<BR>"ButtonText" = "FlashGet"<BR>"MenuText" = "FlashGet"<BR>"Exec" = "C:\Program Files\FlashGet\FlashGet.exe" ["FlashGet.com"]<BR><BR><BR>Running Services (Display Name, Service Name, Path {Service DLL}):<BR>------------------------------------------------------------------<BR><BR>Autodesk Licensing Service, Autodesk Licensing Service, ""C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"" ["Autodesk"]<BR>Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"" [MS]<BR>NOD32 Kernel Service, NOD32krn, ""C:\Program Files\Eset\nod32krn.exe"" ["Eset "]<BR>NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\System32\nvsvc32.exe" ["NVIDIA Corporation"]<BR>Outpost Firewall Service, OutpostFirewall, "C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /service" ["Agnitum Ltd."]<BR><BR><BR>----------<BR>+ This report excludes default entries except where indicated.<BR>+ To see *everywhere* the script checks and *everything* it finds,<BR> launch it from a command prompt or a shortcut with the -all parameter.<BR>+ The search for DESKTOP.INI DLL launch points on all local fixed drives<BR> took 228 seconds.<BR>---------- (total run time: 1711 seconds)<BR><BR><BR>te 3 skrypty to jest wlasnie silent runners... tak to ejst jak sie nie czyta oipisu na oficjalnej.<BR><BR>co do restrykcji na regedit to nie ma pojecia, wczoraj bylo ok.<BR><BR><BR>dziekuje i czekamna relacje z log silentowego.<BR><BR>Co do uslugi to przepraszam za moja glupote, jest i dziala.<BR><BR>wpisy mswina usuniete, pliku mi wyszukiwarka nie znalazla.<BR><BR>+++<BR><BR>znalazla, <STRONG>nie</STRONG> byl to dokladnie plik msnwn.exe<BR><BR>

deshu
Dodano:
08.02.2007 14:31:54
Komentarzy:
1
Strona 1 / 1