Brak łaczności ftp

Mój problem wygląda tak od pewnego czasu nie mogę łączyć się z żadnym ftp

w żadnym programem total itp

Serwery są na pewno dostępne,łączy się i nagle field.

Zapora jedynie windowsowa

proszę o pomoc, a przeinstalować Windowsa nie chce

Logfile of HijackThis v1.99.1

Scan saved at 11:14:29, on 2007-07-04

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\Explorer.EXE

D:\AQQ\AQQ.exe

C:\PROGRA~1\Mozilla Firefox\firefox.exe

D:\totalcmd\TOTALCMD.EXE

C:\Documents and Settings\Admin\Pulpit\inne\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Internet Download Manager\IDMIECC.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [AQQ] D:\AQQ\AQQ.exe

O8 - Extra context menu item: Download All Links with IDM - C:\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download with IDM - C:\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {1F831FAC-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://C:\Program Files\AutoCAD 2002 Plk\InstFred.ocx

O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday) - file://C:\Program Files\AutoCAD 2002 Plk\AcDcToday.ocx

O16 - DPF: {AE56372C-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\AutoCAD 2002 Plk\InstBanr.ocx

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD 2002 Plk\AcPreview.ocx

O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)

O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"



Startup items buried in registry:

---------------------------------


HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"AQQ" = "D:\AQQ\AQQ.exe" ["AQQ Sp. z o.o."]


HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]


HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = "IDM Helper"

  -> {HKLM...CLSID} = "IDMIEHlprObj Class"

                   \InProcServer32\(Default) = "C:\Internet Download Manager\IDMIECC.dll" ["Tonec Inc."]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"

                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "SSVHelper Class"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]


HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"

  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"

                   \InProcServer32\(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"

                   \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"

  -> {HKLM...CLSID} = "AlcoholShellEx"

                   \InProcServer32\(Default) = "C:\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"

  -> {HKLM...CLSID} = "Microsoft Office Outlook"

                   \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]

"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"

  -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook"

                   \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]

"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"

  -> {HKLM...CLSID} = "Desktop Explorer"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"

  -> {HKLM...CLSID} = "nView Desktop Context Menu"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{453D1B6D-BD6A-4FA1-B876-9E4DD848D434}" = "AQQ File Transfer Shell Extension"

  -> {HKLM...CLSID} = "AQQ File Transfer Shell Extension"

                   \InProcServer32\(Default) = "D:\AQQ\System\AQQShellExt.dll" [null data]


HKLM\Software\Classes\PROTOCOLS\Filter\

<> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]


HKLM\Software\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"

  -> {HKLM...CLSID} = "PDF Shell Extension"

                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]


HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

AQQFileTransfer\(Default) = "{453D1B6D-BD6A-4FA1-B876-9E4DD848D434}"

  -> {HKLM...CLSID} = "AQQ File Transfer Shell Extension"

                   \InProcServer32\(Default) = "D:\AQQ\System\AQQShellExt.dll" [null data]

Notepad++\(Default) = "{120B94B5-2E6A-4F13-94D0-414BCB64FA0F}"

  -> {HKLM...CLSID} = "Notepad++"

                   \InProcServer32\(Default) = "C:\Program Files\Notepad++\nppcm.dll" ["Burgaud.com"]

PowerArchiver\(Default) = "{d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e}"

  -> {HKLM...CLSID} = "PowerArchiver Shell Extensions"

                   \InProcServer32\(Default) = "C:\Program Files\PowerArchiver\PASHLEXT.DLL" ["ConeXware, Inc."]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

PowerArchiver\(Default) = "{d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e}"

  -> {HKLM...CLSID} = "PowerArchiver Shell Extensions"

                   \InProcServer32\(Default) = "C:\Program Files\PowerArchiver\PASHLEXT.DLL" ["ConeXware, Inc."]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]



Default executables:

--------------------


HKLM\Software\Classes\.scr\ = (key not found)



Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------


Note: detected settings may not have any effect.


HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\


"NoSaveSettings" = (REG_DWORD) hex:0x00000000

{User Configuration|Administrative Templates|Desktop|

Don't save settings at exit}


"ClearRecentDocsOnExit" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\


"NoRemoteRecursiveEvents" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"ClearRecentDocsOnExit" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\


"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}


"undockwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}



Active Desktop and Wallpaper:

-----------------------------


Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState


Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"


Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"



Winsock2 Service Provider DLLs:

-------------------------------


Namespace Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]


Transport Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05



Toolbars, Explorer Bars, Extensions:

------------------------------------


Extensions (Tools menu items, main toolbar menu buttons)


HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

"MenuText" = "Sun Java Console"

"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"

  -> {HKCU...CLSID} = "Java Plug-in 1.6.0_01"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]

  -> {HKLM...CLSID} = "Java Plug-in 1.6.0_01"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll" ["Sun Microsystems, Inc."]


{FB5F1910-F110-11D2-BB9E-00C04F795683}\

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]



Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------


Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"" [MS]

NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]



----------

<>: Suspicious data at a malware launch point.


+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

  launch it from a command prompt or a shortcut with the -all parameter.

+ To search all directories of local fixed drives for DESKTOP.INI

  DLL launch points, use the -supp parameter or answer "No" at the

  first message box and "Yes" at the second message box.

---------- (total run time: 132 seconds, including 22 seconds for message boxes)

To nie jest wina syfu

poczytaj o naprawie rozszerzeń - http://www.searchengines.pl/phpbb203/in … opic=79791

Czyszczenie rejestru:

RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=177

możesz rejestr przelecieć albo

jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=509

zrobiłem jak tam było napisane ale dalej nic

daje kod

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"



Startup items buried in registry:

---------------------------------


HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"AQQ" = "D:\AQQ\AQQ.exe" ["AQQ Sp. z o.o."]


HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]


HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = "IDM Helper"

  -> {HKLM...CLSID} = "IDMIEHlprObj Class"

                   \InProcServer32\(Default) = "C:\Internet Download Manager\IDMIECC.dll" ["Tonec Inc."]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"

                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "SSVHelper Class"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]


HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"

  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"

                   \InProcServer32\(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"

                   \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"

  -> {HKLM...CLSID} = "AlcoholShellEx"

                   \InProcServer32\(Default) = "C:\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"

  -> {HKLM...CLSID} = "Microsoft Office Outlook"

                   \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]

"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"

  -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook"

                   \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]

"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"

  -> {HKLM...CLSID} = "Desktop Explorer"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"

  -> {HKLM...CLSID} = "nView Desktop Context Menu"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{453D1B6D-BD6A-4FA1-B876-9E4DD848D434}" = "AQQ File Transfer Shell Extension"

  -> {HKLM...CLSID} = "AQQ File Transfer Shell Extension"

                   \InProcServer32\(Default) = "D:\AQQ\System\AQQShellExt.dll" [null data]


HKLM\Software\Classes\PROTOCOLS\Filter\

<> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]


HKLM\Software\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"

  -> {HKLM...CLSID} = "PDF Shell Extension"

                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]


HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

AQQFileTransfer\(Default) = "{453D1B6D-BD6A-4FA1-B876-9E4DD848D434}"

  -> {HKLM...CLSID} = "AQQ File Transfer Shell Extension"

                   \InProcServer32\(Default) = "D:\AQQ\System\AQQShellExt.dll" [null data]

Notepad++\(Default) = "{120B94B5-2E6A-4F13-94D0-414BCB64FA0F}"

  -> {HKLM...CLSID} = "Notepad++"

                   \InProcServer32\(Default) = "C:\Program Files\Notepad++\nppcm.dll" ["Burgaud.com"]

PowerArchiver\(Default) = "{d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e}"

  -> {HKLM...CLSID} = "PowerArchiver Shell Extensions"

                   \InProcServer32\(Default) = "C:\Program Files\PowerArchiver\PASHLEXT.DLL" ["ConeXware, Inc."]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

PowerArchiver\(Default) = "{d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e}"

  -> {HKLM...CLSID} = "PowerArchiver Shell Extensions"

                   \InProcServer32\(Default) = "C:\Program Files\PowerArchiver\PASHLEXT.DLL" ["ConeXware, Inc."]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]



Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------


Note: detected settings may not have any effect.


HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\


"NoSaveSettings" = (REG_DWORD) hex:0x00000000

{User Configuration|Administrative Templates|Desktop|

Don't save settings at exit}


"ClearRecentDocsOnExit" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\


"NoRemoteRecursiveEvents" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"ClearRecentDocsOnExit" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\


"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}


"undockwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}



Active Desktop and Wallpaper:

-----------------------------


Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState


Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"


Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"



Winsock2 Service Provider DLLs:

-------------------------------


Namespace Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]


Transport Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05



Toolbars, Explorer Bars, Extensions:

------------------------------------


Extensions (Tools menu items, main toolbar menu buttons)


HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

"MenuText" = "Sun Java Console"

"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"

  -> {HKCU...CLSID} = "Java Plug-in 1.6.0_01"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]

  -> {HKLM...CLSID} = "Java Plug-in 1.6.0_01"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll" ["Sun Microsystems, Inc."]


{FB5F1910-F110-11D2-BB9E-00C04F795683}\

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]



Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------


Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"" [MS]

NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]



----------

<>: Suspicious data at a malware launch point.


+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

  launch it from a command prompt or a shortcut with the -all parameter.

+ To search all directories of local fixed drives for DESKTOP.INI

  DLL launch points, use the -supp parameter or answer "No" at the

  first message box and "Yes" at the second message box.

---------- (total run time: 110 seconds, including 3 seconds for message boxes)

Złączono Posta : 04.07.2007 (Sro) 13:19

Dodaje screena za każdym razem próbuje łączyć i kaput field

http://img241.imageshack.us/my.php?imag … lllsm1.jpg

no logi masz czyste, jak próbowałeś innymi klientami ftp i nic to sprawdź błędy w podglądzie zdarzeń:

Start => Panel Sterowania => Narzędzia Administracyjne => Podgląd zdarzeń

Jeśli będą jakieś na czerwono, to wklej szczegóły.

Skan AVG AntiSpyware 7.5 po update, wklej raport.

jest kilka czerwonych maja byc? z systemu? aplikacji?

a ten z AVG ma być z pełnego skanu ? czy szybkiego?

pełny skan

błędy z systemu i aplikacji, tak jak napisałam

Aplikacja

wszystkie

systemu nie dam rady za dużo tych z błedami to kilka tylko dać? / Scan raportu zaraz dam

Brakujace pliki Windows włóż CD z XP:

Wejdź w start>>>Uruchom>>>sfc /scannow

Daj log z Combofix

sory że tak długo ale sprawdzanie tych plików zajęło ale nic nie pomogło

log

Pobierz program SDFix

jeszcze jakis pomysł? :cry:

Złączono Posta : 13.07.2007 (Pią) 13:06

chciałem dodać ze po tych zabiegach Windows strasznie długo się wyłącza i to nie 1min tylko z 5 min :frowning:

Złączono Posta : 13.07.2007 (Pią) 14:05

Ftp działa 8) 8) dzięki Gutek2222 jeszcze tylko byś z tym wyłączaniem zaradził

Złączono Posta : 13.07.2007 (Pią) 15:45

i znowu ftp nie działał załączył sie na chwile i dalej nie da się :? :frowning:

Złączono Posta : 13.07.2007 (Pią) 16:32

dodaje akutalony kod… bo cos dziwnie sie dzieje

Złączono Posta : 13.07.2007 (Pią) 22:23

Nie wytrzymałem zrobiłem format i instalacje windows’a

a co się okazało dalej nie działa :? :? :shock:

Jakieś pomysły ?

Daj log z HJT zobace co masz teraz na kompie :slight_smile:

sory za 2 temat tutaj jest

http://forum.dobreprogramy.pl/viewtopic.php?t=170798

no to właśnie kosz zaliczył i kontynuujemy pierwszy :slight_smile:

ok :stuck_out_tongue:

to logi hjt

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:17, on 2007-07-14

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Program Files\WapSter\AQQ\AQQ.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\totalcmd\TOTALCMD.EXE

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Winamp\winamp.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = L1cza

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\WapSter\AQQ\AQQ.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


--

End of file - 1953 bytes

SR

:shock:

Coś wyłączyłeś w MSConfig?

Tak

kodzik z optymalizacji

taki

Windows Registry Editor Version 5.00


;===== Services =======================

;

; 00000002 = Automatic -> Automatyczny

; 00000003 = Manual -> Ręczny

; 00000004 = Disabled -> Wylączony

;======================================


; Aktualizacje automatyczne

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]

"Start"=dword:00000003


; Aplikacja systemowa modelu COM+

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\COMSysApp]

"Start"=dword:00000003


; Bufor wydruku

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Spooler]

"Start"=dword:00000002


; Centrum Zabezpieczeń

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]

"Start"=dword:00000002


; ClipBook

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ClipSrv]

"Start"=dword:00000004


; DDE sieci

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetDDE]

"Start"=dword:00000004


; Distributed Transaction Coordinator

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSDTC]

"Start"=dword:00000003


; Dostęp do urządzeń interfejsu HID

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidServ]

"Start"=dword:00000004


; DSDM DDE sieci

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetDDEdsdm]

"Start"=dword:00000004


; Dziennik zdarzeń

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog]

"Start"=dword:00000002


; Dzienniki wydajności i alerty

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysmonLog]

"Start"=dword:00000004


; Harmonogram zadań

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule]

"Start"=dword:00000003


; Host Uniwersalnego urządzenia Plug and Play

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\upnphost]

"Start"=dword:00000004


; Instalator Windows

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSIServer]

"Start"=dword:00000003


; Instrumentacja zarządzania Windows

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winmgmt]

"Start"=dword:00000002


; Karta inteligentna

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCardSvr]

"Start"=dword:00000004


; karta wydajności WMI

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmiApSrv]

"Start"=dword:00000003


; Klient DHCP

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp]

"Start"=dword:00000002


; Klient DNS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache]

"Start"=dword:00000002


; Klient śledzenia łączy rozproszonych

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrkWks]

"Start"=dword:00000003


; Kompozycje

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes]

"Start"=dword:00000002


; Konfiguracja zerowej sieci bezprzewodowej

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WZCSVC]

"Start"=dword:00000004


; Kopiowanie woluminów w tle

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS]

"Start"=dword:00000004


; Logowanie do sieci

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon]

"Start"=dword:00000004


; Logowanie pomocnicze

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon]

"Start"=dword:00000004


; Magazyn chroniony

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ProtectedStorage]

"Start"=dword:00000002


; Magazyn wymienny

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtmsSvc]

"Start"=dword:00000003


; Menedżer autopołączenia rejestru zdalnego

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasAuto]

"Start"=dword:00000003


; Menedżer dysków logicznych

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmserver]

"Start"=dword:00000003


; Menedżer kont zabezpieczeń

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SamSs]

"Start"=dword:00000002


; Menedżer połączeń usługi Dostęp zdalny

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan]

"Start"=dword:00000003


; MS Software Shadow Copy Provider

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SwPrv]

"Start"=dword:00000003


; NetMeeting Remote Desktop Sharing

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mnmsrvc]

"Start"=dword:00000004


; Plug and Play

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PlugPlay]

"Start"=dword:00000002


; Połączenia sieciowe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netman]

"Start"=dword:00000003


; Pomoc i obsługa techniczna

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\helpsvc]

"Start"=dword:00000003


; Pomoc TCP/IP NetBIOS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LmHosts]

"Start"=dword:00000004


; Posłaniec

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger]

"Start"=dword:00000004


; Program uruchamiający proces serwera DCOM

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DcomLaunch]

"Start"=dword:00000002


; Przeglądarka komputera

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser]

"Start"=dword:00000003


; QoS RSVP

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RSVP]

"Start"=dword:00000003


; Rejestr zdalny

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry]

"Start"=dword:00000004


; Routing i dostęp zdalny

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess]

"Start"=dword:00000004


; Rozpoznawanie lokalizacji w sieci (NLA)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Nla]

"Start"=dword:00000003


; Stacja robocza

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation]

"Start"=dword:00000002


; System zdarzeń COM+

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventSystem]

"Start"=dword:00000003


; Urządzenie alarmowe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter]

"Start"=dword:00000004


; Usługa administracyjna Menedżera dysków logicznych

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmadmin]

"Start"=dword:00000003


; Usługa bramy warstwy aplikacji

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ALG]

"Start"=dword:00000003


; Usługa COM nagrywania dysków CD IMAPI

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ImapiService]

"Start"=dword:00000003


; Usługa Czas systemu Windows

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time]

"Start"=dword:00000004


; Usługa indeksowania

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CiSvc]

"Start"=dword:00000004


; Usługa inteligentnego transferu w tle

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS]

"Start"=dword:00000004


; Usługa NT LM Security Support Provider

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtLmSsp]

"Start"=dword:00000003


; Usługa odnajdowania SSDP

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSDPSRV]

"Start"=dword:00000003


; Usługa przywracania systemu

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srservice]

"Start"=dword:00000002


; Usługa raportowania błędów

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc]

"Start"=dword:00000004


; Usługi IPSEC

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent]

"Start"=dword:00000004


; Usługi kryptograficzne

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc]

"Start"=dword:00000002


; Usługi terminalowe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService]

"Start"=dword:00000003


; WebClient

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient]

"Start"=dword:00000004


; Windows Audio

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AudioSrv]

"Start"=dword:00000002


; Windows Image Acquisition

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stisvc]

"Start"=dword:00000003


; Wykrywanie sprzętu powłoki

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ShellHWDetection]

"Start"=dword:00000002


; Zapora połączenia internetowego /Udostępnianie

; połączenia internetowego

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]

"Start"=dword:00000002


; Zasilacz awaryjny (UPS)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UPS]

"Start"=dword:00000003


; Zawiadomienie o zdarzeniu systemowym

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SENS]

"Start"=dword:00000002


; Zdalne wywoływanie procedur RPC

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs]

"Start"=dword:00000002


; Zgodność szybkiego przełączania użytkowników

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FastUserSwitchingCompatibility]

"Start"=dword:00000003

i ten

Windows Registry Editor Version 5.00


; Wyłączanie podsystemu POSIX

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]

"Optional"=-

"Posix"=-


; Wyładowanie nieużywanych bibliotek .dll z pamięci RAM

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AlwaysUnloadDLL]

@="1"


; Przyspieszenie zamykania systemu

[HKEY_CURRENT_USER\Control Panel\Desktop]

"AutoEndTasks"="1"

"HungAppTimeout"="100"

"WaitToKillAppTimeout"="1000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control]

"WaitToKillServiceTimeout"="1000"


; Prefetcher - szybsze bootowanie

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters]

"EnablePrefetcher"=dword:00000003


; Wyczyszczenie page file przy wyłączaniu

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]

"ClearPageFileAtShutdown"=dword:00000001


; Przyśpieszony restart

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"EnableQuickReboot"="1"


; Przydział miejsca dla przywracania systemu (w %)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DiskPercent"=dword:00000005


; Zmiana opóźnienia otwierania Start Menu

[HKEY_CURRENT_USER\Control Panel\Desktop]

"MenuShowDelay"="150"


; Wyłączenie indeksowania plików

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CiSvc]

"Start"=dword:00000004


; Przyśpieszanie otwierania Mój komputer i Explorer

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stisvc]

"Start"=dword:00000004

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]

"NoSaveSettings"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]

"NoNetCrawling"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]

"NoRemoteRecursiveEvents"=dword:00000001


; Czyszczenie listy dokumentów podczas zamykania systemu

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]

"ClearRecentDocsOnExit"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]

"ClearRecentDocsOnExit"=dword:00000001

przez to raczej nie od razu świeżo bez niczego też próbowałem i też klapa mam backupa jak co