Problem z otwieraniem programóm z rozszerzeniem .exe


(dean999) #1

Mam problem gdyż gdy chcem otworzyć jakiś program lub gre to niemoge bo pisze że niemożna znaleźć pliku .....exe narazie są to tylko niektóre programy i gry ale dzieje sie to z coraz większą ilością plików

Hijack this:

Logfile of HijackThis v1.99.1

Scan saved at 19:47:23, on 2007-05-07

Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\Explorer.EXE

C:\Grisoft\AVG7\avgamsvr.exe

C:\Grisoft\AVG7\avgupsvc.exe

C:\Grisoft\AVG7\avgemc.exe

C:\Bandwidth Controller Standard Server\bcserver.service

C:\NetLimiter 2 Pro\nlsvc.exe

D:\WINDOWS\System32\nvsvc32.exe

C:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

D:\WINDOWS\System32\svchost.exe

C:\Opera\Opera.exe

C:\WapSter\AQQ\AQQ.exe

C:\Moje\programy\HijackThis.exe

D:\WINDOWS\system32\NOTEPAD.EXE


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE

O17 - HKLM\System\CCS\Services\Tcpip\..\{C6C84F77-2907-4B39-A75A-A04B76063053}: NameServer = 192.168.0.99,194.204.152.34

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Program Files\Ares\chatServer.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Grisoft\AVG7\avgemc.exe

O23 - Service: Bandwidth Controller Server (bcserver) - Unknown owner - C:\Bandwidth.exe (file missing)

O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\NetLimiter 2 Pro\nlsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

Silent runners:

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/

Operating System: Windows XP

Output limited to non-default values, except where indicated by "{++}"



Startup items buried in registry:

---------------------------------


HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"NvCplDaemon" = "RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup" [MS]


HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "SSVHelper Class"

                   \InProcServer32\(Default) = "D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll" ["Sun Microsystems, Inc."]


HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"

  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"

                   \InProcServer32\(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"

                   \InProcServer32\(Default) = "D:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"

  -> {HKLM...CLSID} = "Desktop Explorer"

                   \InProcServer32\(Default) = "D:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "D:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"

  -> {HKLM...CLSID} = "nView Desktop Context Menu"

                   \InProcServer32\(Default) = "D:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}" = "My Labtec Pictures"

  -> {HKLM...CLSID} = "My Labtec Pictures"

                   \InProcServer32\(Default) = "D:\Program Files\Logitech\Video\Namespc2.dll" ["Labtec Inc."]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\WinRAR\rarext.dll" [null data]

"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"

  -> {HKLM...CLSID} = "AVG7 Shell Extension Class"

                   \InProcServer32\(Default) = "C:\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]

"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"

  -> {HKLM...CLSID} = "AVG7 Find Extension Class"

                   \InProcServer32\(Default) = "C:\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]

"{AD392E40-428C-459F-961E-9B147782D099}" = "UltraISO"

  -> {HKLM...CLSID} = "UIContextMenu Class"

                   \InProcServer32\(Default) = "C:\UltraISO\isoshell.dll" ["EZB Systems, Inc."]

"{453D1B6D-BD6A-4FA1-B876-9E4DD848D434}" = "AQQ File Transfer Shell Extension"

  -> {HKLM...CLSID} = "AQQ File Transfer Shell Extension"

                   \InProcServer32\(Default) = "C:\WapSter\AQQ\System\AQQShellExt.dll" [null data]


HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

AQQFileTransfer\(Default) = "{453D1B6D-BD6A-4FA1-B876-9E4DD848D434}"

  -> {HKLM...CLSID} = "AQQ File Transfer Shell Extension"

                   \InProcServer32\(Default) = "C:\WapSter\AQQ\System\AQQShellExt.dll" [null data]

AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"

  -> {HKLM...CLSID} = "AVG7 Shell Extension Class"

                   \InProcServer32\(Default) = "C:\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}"

  -> {HKLM...CLSID} = "UIContextMenu Class"

                   \InProcServer32\(Default) = "C:\UltraISO\isoshell.dll" ["EZB Systems, Inc."]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"

  -> {HKLM...CLSID} = "AVG7 Shell Extension Class"

                   \InProcServer32\(Default) = "C:\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]

UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}"

  -> {HKLM...CLSID} = "UIContextMenu Class"

                   \InProcServer32\(Default) = "C:\UltraISO\isoshell.dll" ["EZB Systems, Inc."]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\WinRAR\rarext.dll" [null data]



Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------


Note: detected settings may not have any effect.


HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\


"ClearRecentDocsOnExit" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"NoSMBalloonTip" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"NoSaveSettings" = (REG_DWORD) hex:0x00000000

{User Configuration|Administrative Templates|Desktop|

Don't save settings at exit}


"NoRecentDocsHistory" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"CDRAutoRun" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"NoLowDiskSpaceChecks" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"MemCheckBoxInRunDlg" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"NoClose" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"NoAutoTrayNotify" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"NoResolveTrack" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"NoResolveSearch" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"LinkResolveIgnoreLinkInfo" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"NoStartBanner" = (REG_BINARY) hex:01 00 00 00

{Remove "Click here to begin" from Start button}


"NoWelcomeScreen" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"NoRecentDocsNetHood" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"NoDesktopCleanupWizard" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"NoSharedDocuments" = (REG_DWORD) hex:0x00000001

{User Configuration|Administrative Templates|Windows Components|Windows Explorer|

Remove Shared Documents from My Computer}


"NoThemesTab" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\


"ClearRecentDocsOnExit" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"NoRemoteRecursiveEvents" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"NoStrCmpLogical" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


"NoClose" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\


"NoDispAppearancePage" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"NoColorChoice" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"NoDispBackgroundPage" = (REG_DWORD) hex:0x00000000

{User Configuration|Administrative Templates|Control Panel|Display|

Hide Desktop tab}


"NoDispCPL" = (REG_DWORD) hex:0x00000000

{User Configuration|Administrative Templates|Control Panel|Display|

Remove Display in Control Panel}


"NoDispSettingsPage" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"NoDispScrSavPage" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"NoVisualStyleChoice" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"NoSizeChoice" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\


"NoUpdateCheck" = (REG_DWORD) hex:0x00000001

{unrecognized setting}


HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\


"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}


"undockwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}


"RunStartupScriptSync" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"SynchronousMachineGroupPolicy" = (REG_DWORD) hex:0x00000000

{unrecognized setting}


"SynchronousUserGroupPolicy" = (REG_DWORD) hex:0x00000000

{unrecognized setting}



Active Desktop and Wallpaper:

-----------------------------


Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState


Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

"Wallpaper" = "%APPDATA%\IrfanView\IrfanView_Wallpaper.bmp"


Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

"Wallpaper" = "D:\Documents and Settings\dean\Dane aplikacji\IrfanView\IrfanView_Wallpaper.bmp"



Enabled Screen Saver:

---------------------


HKCU\Control Panel\Desktop\

"SCRNSAVE.EXE" = "D:\WINDOWS\System32\logon.scr" [MS]



Winsock2 Service Provider DLLs:

-------------------------------


Namespace Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]


Transport Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05



Toolbars, Explorer Bars, Extensions:

------------------------------------


Extensions (Tools menu items, main toolbar menu buttons)


HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

"MenuText" = "Sun Java Console"

"CLSIDExtension" = "{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}"

  -> {HKCU...CLSID} = "Java Plug-in 1.5.0_11"

                   \InProcServer32\(Default) = "D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll" ["Sun Microsystems, Inc."]

  -> {HKLM...CLSID} = "Java Plug-in 1.5.0_11"

                   \InProcServer32\(Default) = "D:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll" ["Sun Microsystems, Inc."]


{FB5F1910-F110-11D2-BB9E-00C04F795683}\

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "D:\Program Files\Messenger\MSMSGS.EXE" [MS]



Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------


AVG E-mail Scanner, AVGEMS, "C:\Grisoft\AVG7\avgemc.exe" ["GRISOFT, s.r.o."]

AVG7 Alert Manager Server, Avg7Alrt, "C:\Grisoft\AVG7\avgamsvr.exe" ["GRISOFT, s.r.o."]

AVG7 Update Service, Avg7UpdSvc, "C:\Grisoft\AVG7\avgupsvc.exe" ["GRISOFT, s.r.o."]

Bandwidth Controller Server, bcserver, "C:\Bandwidth Controller Standard Server\bcserver.service" [null data]

NetLimiter, nlsvc, ""C:\NetLimiter 2 Pro\nlsvc.exe"" ["Locktime Software"]

NVIDIA Display Driver Service, NVSvc, "D:\WINDOWS\System32\nvsvc32.exe" ["NVIDIA Corporation"]

StarWind iSCSI Service, StarWindService, "C:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe" ["Rocket Division Software"]



----------

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

  launch it from a command prompt or a shortcut with the -all parameter.

+ To search all directories of local fixed drives for DESKTOP.INI

  DLL launch points, use the -supp parameter or answer "No" at the

  first message box and "Yes" at the second message box.

---------- (total run time: 550 seconds, including 2 seconds for message boxes)

(Gutek) #2

Logi czyste. Możesz podać więcej szczegółów


(dean999) #3

poprostu zaczeły mi znikać pliki .exe z folderu z program files przez co niemoge uruchomić żadnego programu


(Gutek) #4

jakie ze wszytskich softów wgranych?


(dean999) #5

Nierozumiem twojego pytania. A to do kompa sie też wgrywa softy :o ??


(Gutek) #6

więc pytam z jakich folderów np. C:\Program Files\Java itp.


(dean999) #7

z różnych folderów z C:\Program Files\ ponieważ to sie dzieje z różnymi programami a co to za różnica??