wieszanie sie systemu
Witam mam nastepujacy problem
Po wlaczeniu systemu wszystko chodzi elegancko ale gdzies po 10 min wszystko jakby zawiesza sie i reaguje po dlugim czasie np jak klikne na ikone to po dlugim czasie sie wlancza itp. zeskanowalem caly system antywirusem i wszystko jest ok co mam robic bo mozna zwariowac
Po wlaczeniu systemu wszystko chodzi elegancko ale gdzies po 10 min wszystko jakby zawiesza sie i reaguje po dlugim czasie np jak klikne na ikone to po dlugim czasie sie wlancza itp. zeskanowalem caly system antywirusem i wszystko jest ok co mam robic bo mozna zwariowac
Odpowiedzi: 10
Czasem warto otworzyc komputer i solidnie go odkurzyć ;) Mi to pomogło :D Komputer mi się zawieszał co godzine. Odkurzyłem i teraz wiesza się 1–2 razy na miesiąc :D Proponuję to zrobić ;]
A msupdate32.dll?
Duncan, w razie dalszych problemów podaj log z Silenta.
Duncan, w razie dalszych problemów podaj log z Silenta.
wywalasz:
chyba tyle.
F2 – REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O2 – BHO: (no name) – {78364D99–A640–4ddf–B91A–67EFF8373045} – C:\WINDOWS\System32\appwiz.dll
O4 – HKCU\..\Run: [klop] C:\WINDOWS\162.tmp
O4 – HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe
O8 – Extra context menu item: Web Rebates. – file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
O16 – DPF: {288C5F13–7E52–4ADA–A32E–F5BF9D125F98} (CR64Loader Object) – http://www.miniclip.com/bestfriends/miniclipGameLoader.dll
chyba tyle.
nie wiem czy to ma cos wspolnego z tym co sie dzieje z systemem ale ciagle w folderze dysku c pojawiaja sie pliki acces i domains oraz plik txt map . Nawet gdy je usune po ponownym uruchomieniu kompa pojawiaja sie od nowa
Logfile of HijackThis v1.99.1
Scan saved at 19:07:40, on 2005–11–18
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\PowerS.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
c:\usr\MYSQL\bin\mysqld.exe
C:\usr\mysql\bin\winmysqladmin.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\FLASHGET\flashget.exe
C:\Program Files\TUGZip\TUGZip.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Temp\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 – REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O2 – BHO: (no name) – {78364D99–A640–4ddf–B91A–67EFF8373045} – C:\WINDOWS\System32\appwiz.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:\PROGRA~1\FLASHGET\jccatch.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar3.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 – HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 – HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 – HKLM\..\Run: [PowerS] C:\WINDOWS\PowerS.exe
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 – HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\PROGRA~1\GADU–G~1\gg.exe" /tray
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 – HKCU\..\Run: [klop] C:\WINDOWS\162.tmp
O4 – HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O4 – HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 – Startup: WinMySQLadmin.lnk = C:\usr\mysql\bin\winmysqladmin.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Add animation to IncrediMail Style Box – C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O8 – Extra context menu item: Web Rebates. – file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:\PROGRA~1\FLASHGET\jc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:\PROGRA~1\FLASHGET\jc_all.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:\PROGRA~1\FLASHGET\flashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:\PROGRA~1\FLASHGET\flashget.exe
O16 – DPF: {288C5F13–7E52–4ADA–A32E–F5BF9D125F98} (CR64Loader Object) – http://www.miniclip.com/bestfriends/miniclipGameLoader.dll
O16 – DPF: {31B7EB4E–8B4B–11D1–A789–00A0CC6651A8} (Cult3D ActiveX Player) – http://www.cult3d.com/download/cult.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119789952088
O16 – DPF: {6E32070A–766D–4EE6–879C–DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123518112314
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O20 – Winlogon Notify: msupdate – C:\WINDOWS\SYSTEM32\msupdate32.dll
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: Macromedia Licensing Service – Macromedia – C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 – Service: MySql – Unknown owner – c:\usr/MYSQL/bin/mysqld.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
Scan saved at 19:07:40, on 2005–11–18
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\PowerS.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
c:\usr\MYSQL\bin\mysqld.exe
C:\usr\mysql\bin\winmysqladmin.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\FLASHGET\flashget.exe
C:\Program Files\TUGZip\TUGZip.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Temp\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 – REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O2 – BHO: (no name) – {78364D99–A640–4ddf–B91A–67EFF8373045} – C:\WINDOWS\System32\appwiz.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:\PROGRA~1\FLASHGET\jccatch.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar3.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 – HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 – HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 – HKLM\..\Run: [PowerS] C:\WINDOWS\PowerS.exe
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 – HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\PROGRA~1\GADU–G~1\gg.exe" /tray
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 – HKCU\..\Run: [klop] C:\WINDOWS\162.tmp
O4 – HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00003.exe"
O4 – HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 – Startup: WinMySQLadmin.lnk = C:\usr\mysql\bin\winmysqladmin.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Add animation to IncrediMail Style Box – C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O8 – Extra context menu item: Web Rebates. – file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:\PROGRA~1\FLASHGET\jc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:\PROGRA~1\FLASHGET\jc_all.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:\PROGRA~1\FLASHGET\flashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:\PROGRA~1\FLASHGET\flashget.exe
O16 – DPF: {288C5F13–7E52–4ADA–A32E–F5BF9D125F98} (CR64Loader Object) – http://www.miniclip.com/bestfriends/miniclipGameLoader.dll
O16 – DPF: {31B7EB4E–8B4B–11D1–A789–00A0CC6651A8} (Cult3D ActiveX Player) – http://www.cult3d.com/download/cult.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119789952088
O16 – DPF: {6E32070A–766D–4EE6–879C–DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123518112314
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O20 – Winlogon Notify: msupdate – C:\WINDOWS\SYSTEM32\msupdate32.dll
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: Macromedia Licensing Service – Macromedia – C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 – Service: MySql – Unknown owner – c:\usr/MYSQL/bin/mysqld.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
Daj loga z HJT – winlogon zazwyczaj tak sie nie zachowuje
Podczas wieszania w kolumnie CPU aplikacja o nazwie winlogon.exe ma wartosc 99 a reszta 0. Czy ten plik moze byc przyczyna tego wszystkiego ?????
Duncan:
tylko ze podczas wieszania menedzera nie da sie wlaczyc :/
To w końcu co Ci się "wiesza" ?? Menadźer zadań ?? Uruchom go jak wszystko działa dobrze i poczekaj z jego okienkiem otwartym do czasu aź "szopki" się zaczną – wtedy sprawdzaj.
tylko ze podczas wieszania menedzera nie da sie wlaczyc :/
Uruchom Menadźera zadań i sprawdź czy jakowyś proces nie zabiera 100% czasu procesora w czasie tego powolnego działania.
Strona 1 / 1