xp waits 10 minutes after logon screen

V

Vjeran

Hello,

i have one big annoying problem. After entering password on logon screen in
windows xp, my computer hangs/waits for cca 10minutes (hdd lamp not
flashing- only first 30s)... loadin your personal preferences...every
time...

i tried to fix it (checking startup options, registry ...) but nothing
worked for me...

does anybody know what could cause the problem

PS
maybe this can help...

Logfile of HijackThis v1.99.0
Scan saved at 12:14:28, on 07.03.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\Program Files\Cherry\KeyMan\KeyMan.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Cherry\CDI\CDI.exe
C:\Program Files\DriveCrypt\DcrServ.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL$NETSDK\Binn\sqlservr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
C:\Program Files\Trend Micro\Security Server\PCCSRV\Web\Service\DbServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
C:\Program Files\Trend Micro\Client Server Security Agent\Pop3Trap.exe
C:\WINDOWS\TEMP\KTC835.EXE
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\inetsrv\DavCData.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\Desktop\Programi\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.com
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program
Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [CherryKeyMan] "C:\Program Files\Cherry\KeyMan\KeyMan.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend
Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS
Updater\DynDNS.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL
Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Download with GetRight - C:\Program
Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program
Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Send to Keyman - C:\Program
Files\Cherry\KeyMan\IEMenuExtKeyman.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O15 - Trusted IP range: http://172.16.10.100
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) -
https://172.16.10.100/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment SetupINICtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment SetupCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setup.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) -
https://172.16.10.102/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment ObjRemoveCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121404834828
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {69B502DF-D12F-4FD7-9892-D8DFA2D96474} (OfficeScan Management
Console) - https://172.16.10.102/officescan/console/html/AtxConsole.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner
2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {A050E865-64E3-431B-8079-F0DFCEA90A2D} (PieChart Class) -
https://172.16.10.102/officescan/console/html/AtxPie.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O16 - DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} (Security Server
Management Console) -
https://172.16.10.100/SMB/console/html/root/AtxConsole.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{59DD1946-28AA-4CE9-8493-DC4DDF466962}:
NameServer = 195.29.150.3,195.29.150.4
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: pcAnywhere Host Service - Symantec Corporation - C:\Program
Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Cherry Device Interface - Cherry Gmbh, Auerbach Germany,
www.cherry.de - C:\Program Files\Cherry\CDI\CDI.exe
O23 - Service: DriveCrypt Service - Unknown - C:\Program
Files\DriveCrypt\DcrServ.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation -
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\OfcPfwSvc.exe
O23 - Service: Trend Micro Security Server Master Service - Trend Micro
Inc. - C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
O23 - Service: WinAgents TFTP Service - WinAgents Software Group
(http://www.winagents.com) - C:\PROGRA~1\WINAGE~1\TFTPSE~1\TFTPd.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener - Trend
Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\tmlisten.exe
O23 - Service: TuneUp WinStyler Theme Service - TuneUp Software GmbH -
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
 
A

Anthony

Hi Vjeran,
Are you logging into a network or just locally to your PC? If you're logging
into a network, then you are having problems with the DNS settings. Trying
going to START>PROGAMS>ADMIN TOOLS>EVENT VIEWER, and check the Application
and System Logs to see what errors, if any, are listed at the time you
login. From there, either post back here or search MS Knowledge Base for the
error/errors you are getting.

Anthony


Vjeran said:
Hello,

i have one big annoying problem. After entering password on logon screen
in
windows xp, my computer hangs/waits for cca 10minutes (hdd lamp not
flashing- only first 30s)... loadin your personal preferences...every
time...

i tried to fix it (checking startup options, registry ...) but nothing
worked for me...

does anybody know what could cause the problem

PS
maybe this can help...

Logfile of HijackThis v1.99.0
Scan saved at 12:14:28, on 07.03.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\Program Files\Cherry\KeyMan\KeyMan.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Cherry\CDI\CDI.exe
C:\Program Files\DriveCrypt\DcrServ.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL$NETSDK\Binn\sqlservr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
C:\Program Files\Trend Micro\Security
Server\PCCSRV\Web\Service\DbServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
C:\Program Files\Trend Micro\Client Server Security Agent\Pop3Trap.exe
C:\WINDOWS\TEMP\KTC835.EXE
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\inetsrv\DavCData.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\Desktop\Programi\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.com
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} -
C:\Program
Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [CherryKeyMan] "C:\Program
Files\Cherry\KeyMan\KeyMan.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend
Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS
Updater\DynDNS.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL
Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Download with GetRight - C:\Program
Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program
Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Send to Keyman - C:\Program
Files\Cherry\KeyMan\IEMenuExtKeyman.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O15 - Trusted IP range: http://172.16.10.100
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) -
https://172.16.10.100/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment SetupINICtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment SetupCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setup.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) -
https://172.16.10.102/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment ObjRemoveCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121404834828
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {69B502DF-D12F-4FD7-9892-D8DFA2D96474} (OfficeScan Management
Console) - https://172.16.10.102/officescan/console/html/AtxConsole.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner
2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {A050E865-64E3-431B-8079-F0DFCEA90A2D} (PieChart Class) -
https://172.16.10.102/officescan/console/html/AtxPie.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O16 - DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} (Security Server
Management Console) -
https://172.16.10.100/SMB/console/html/root/AtxConsole.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{59DD1946-28AA-4CE9-8493-DC4DDF466962}:
NameServer = 195.29.150.3,195.29.150.4
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: pcAnywhere Host Service - Symantec Corporation - C:\Program
Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Cherry Device Interface - Cherry Gmbh, Auerbach Germany,
www.cherry.de - C:\Program Files\Cherry\CDI\CDI.exe
O23 - Service: DriveCrypt Service - Unknown - C:\Program
Files\DriveCrypt\DcrServ.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation -
C:\Program Files\Common Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal
Firewall -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\OfcPfwSvc.exe
O23 - Service: Trend Micro Security Server Master Service - Trend Micro
Inc. - C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
O23 - Service: WinAgents TFTP Service - WinAgents Software Group
(http://www.winagents.com) - C:\PROGRA~1\WINAGE~1\TFTPSE~1\TFTPd.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener - Trend
Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\tmlisten.exe
O23 - Service: TuneUp WinStyler Theme Service - TuneUp Software GmbH -
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Click to expand...
 
V

Vjeran

i'm logging locally...
event logger looks weird.... there is no logs after 25.10.2005. or just a
few of them...
i will look closer on it...


Anthony said:
Hi Vjeran,
Are you logging into a network or just locally to your PC? If you're logging
into a network, then you are having problems with the DNS settings. Trying
going to START>PROGAMS>ADMIN TOOLS>EVENT VIEWER, and check the Application
and System Logs to see what errors, if any, are listed at the time you
login. From there, either post back here or search MS Knowledge Base for the
error/errors you are getting.

Anthony


Vjeran said:
Hello,

i have one big annoying problem. After entering password on logon screen
in
windows xp, my computer hangs/waits for cca 10minutes (hdd lamp not
flashing- only first 30s)... loadin your personal preferences...every
time...

i tried to fix it (checking startup options, registry ...) but nothing
worked for me...

does anybody know what could cause the problem

PS
maybe this can help...

Logfile of HijackThis v1.99.0
Scan saved at 12:14:28, on 07.03.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\Program Files\Cherry\KeyMan\KeyMan.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Cherry\CDI\CDI.exe
C:\Program Files\DriveCrypt\DcrServ.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL$NETSDK\Binn\sqlservr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
C:\Program Files\Trend Micro\Security
Server\PCCSRV\Web\Service\DbServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
C:\Program Files\Trend Micro\Client Server Security Agent\Pop3Trap.exe
C:\WINDOWS\TEMP\KTC835.EXE
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\inetsrv\DavCData.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\Desktop\Programi\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.com
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} -
C:\Program
Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [CherryKeyMan] "C:\Program
Files\Cherry\KeyMan\KeyMan.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend
Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS
Updater\DynDNS.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL
Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Download with GetRight - C:\Program
Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program
Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Send to Keyman - C:\Program
Files\Cherry\KeyMan\IEMenuExtKeyman.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O15 - Trusted IP range: http://172.16.10.100
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) -
https://172.16.10.100/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment SetupINICtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment SetupCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setup.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) -
https://172.16.10.102/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment ObjRemoveCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121404834828
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {69B502DF-D12F-4FD7-9892-D8DFA2D96474} (OfficeScan Management
Console) - https://172.16.10.102/officescan/console/html/AtxConsole.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner
2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {A050E865-64E3-431B-8079-F0DFCEA90A2D} (PieChart Class) -
https://172.16.10.102/officescan/console/html/AtxPie.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O16 - DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} (Security Server
Management Console) -
https://172.16.10.100/SMB/console/html/root/AtxConsole.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{59DD1946-28AA-4CE9-8493-DC4DDF466962}:
NameServer = 195.29.150.3,195.29.150.4
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: pcAnywhere Host Service - Symantec Corporation - C:\Program
Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Cherry Device Interface - Cherry Gmbh, Auerbach Germany,
www.cherry.de - C:\Program Files\Cherry\CDI\CDI.exe
O23 - Service: DriveCrypt Service - Unknown - C:\Program
Files\DriveCrypt\DcrServ.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation -
C:\Program Files\Common Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal
Firewall -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\OfcPfwSvc.exe
O23 - Service: Trend Micro Security Server Master Service - Trend Micro
Inc. - C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
O23 - Service: WinAgents TFTP Service - WinAgents Software Group
(http://www.winagents.com) - C:\PROGRA~1\WINAGE~1\TFTPSE~1\TFTPd.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener - Trend
Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\tmlisten.exe
O23 - Service: TuneUp WinStyler Theme Service - TuneUp Software GmbH -
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Click to expand...
Click to expand...
 
V

Vjeran

more info:
this problem happend first time whan I had installed sygate personal
firewall, and then sygate pro firewall over the first one and something went
wrong... but I managed to fix it....

few months after I tried to instal Wingate, and after that system hanged...
I removed it, but it waits for 10 min. after logon until then...

and there are no logs about that in event viewer..


Vjeran said:
Hello,

i have one big annoying problem. After entering password on logon screen in
windows xp, my computer hangs/waits for cca 10minutes (hdd lamp not
flashing- only first 30s)... loadin your personal preferences...every
time...

i tried to fix it (checking startup options, registry ...) but nothing
worked for me...

does anybody know what could cause the problem

PS
maybe this can help...

Logfile of HijackThis v1.99.0
Scan saved at 12:14:28, on 07.03.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\Program Files\Cherry\KeyMan\KeyMan.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Cherry\CDI\CDI.exe
C:\Program Files\DriveCrypt\DcrServ.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL$NETSDK\Binn\sqlservr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
C:\Program Files\Trend Micro\Security Server\PCCSRV\Web\Service\DbServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
C:\Program Files\Trend Micro\Client Server Security Agent\Pop3Trap.exe
C:\WINDOWS\TEMP\KTC835.EXE
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\inetsrv\DavCData.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\Desktop\Programi\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.com
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program
Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [CherryKeyMan] "C:\Program Files\Cherry\KeyMan\KeyMan.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend
Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS
Updater\DynDNS.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL
Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Download with GetRight - C:\Program
Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program
Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Send to Keyman - C:\Program
Files\Cherry\KeyMan\IEMenuExtKeyman.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O15 - Trusted IP range: http://172.16.10.100
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) -
https://172.16.10.100/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment SetupINICtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment SetupCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setup.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) -
https://172.16.10.102/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition
Web-Deployment ObjRemoveCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121404834828
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {69B502DF-D12F-4FD7-9892-D8DFA2D96474} (OfficeScan Management
Console) - https://172.16.10.102/officescan/console/html/AtxConsole.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner
2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {A050E865-64E3-431B-8079-F0DFCEA90A2D} (PieChart Class) -
https://172.16.10.102/officescan/console/html/AtxPie.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O16 - DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} (Security Server
Management Console) -
https://172.16.10.100/SMB/console/html/root/AtxConsole.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{59DD1946-28AA-4CE9-8493-DC4DDF466962}:
NameServer = 195.29.150.3,195.29.150.4
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: pcAnywhere Host Service - Symantec Corporation - C:\Program
Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Cherry Device Interface - Cherry Gmbh, Auerbach Germany,
www.cherry.de - C:\Program Files\Cherry\CDI\CDI.exe
O23 - Service: DriveCrypt Service - Unknown - C:\Program
Files\DriveCrypt\DcrServ.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation -
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\OfcPfwSvc.exe
O23 - Service: Trend Micro Security Server Master Service - Trend Micro
Inc. - C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
O23 - Service: WinAgents TFTP Service - WinAgents Software Group
(http://www.winagents.com) - C:\PROGRA~1\WINAGE~1\TFTPSE~1\TFTPd.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener - Trend
Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\tmlisten.exe
O23 - Service: TuneUp WinStyler Theme Service - TuneUp Software GmbH -
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Click to expand...
 
A

Anthony

Have you uninstalled Wingate and Sygate completely?? Try looking at what is
loading automatically when you start Windows. Go to Start>Run and type in
MSCONFIG and hit OK. Then look on the Startup tab and see what all has check
marks by it. Try and determine if it is needed or not. Just uncheck what you
don't want to start automatically, APPLY, OK and restart. If you aren't sure
what something is then just leave it checked. And keep looking at the event
viewer. Clear out all events and then reboot so that you have fresh
information in there. Hope that helps.
Anthony

Vjeran said:
more info:
this problem happend first time whan I had installed sygate personal
firewall, and then sygate pro firewall over the first one and something
went
wrong... but I managed to fix it....

few months after I tried to instal Wingate, and after that system
hanged...
I removed it, but it waits for 10 min. after logon until then...

and there are no logs about that in event viewer..


Vjeran said:
Hello,

i have one big annoying problem. After entering password on logon screen in
windows xp, my computer hangs/waits for cca 10minutes (hdd lamp not
flashing- only first 30s)... loadin your personal preferences...every
time...

i tried to fix it (checking startup options, registry ...) but nothing
worked for me...

does anybody know what could cause the problem

PS
maybe this can help...

Logfile of HijackThis v1.99.0
Scan saved at 12:14:28, on 07.03.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\Program Files\Cherry\KeyMan\KeyMan.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Cherry\CDI\CDI.exe
C:\Program Files\DriveCrypt\DcrServ.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL$NETSDK\Binn\sqlservr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
C:\Program Files\Trend Micro\Security Server\PCCSRV\Web\Service\DbServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
C:\Program Files\Trend Micro\Client Server Security Agent\Pop3Trap.exe
C:\WINDOWS\TEMP\KTC835.EXE
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\inetsrv\DavCData.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\Desktop\Programi\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.com
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program
Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [CherryKeyMan] "C:\Program Files\Cherry\KeyMan\KeyMan.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend
Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS
Updater\DynDNS.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL
Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Download with GetRight - C:\Program
Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program
Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Send to Keyman - C:\Program
Files\Cherry\KeyMan\IEMenuExtKeyman.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O15 - Trusted IP range: http://172.16.10.100
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) -
https://172.16.10.100/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp
Edition
Web-Deployment SetupINICtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp
Edition
Web-Deployment SetupCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setup.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) -
https://172.16.10.102/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp
Edition
Web-Deployment ObjRemoveCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121404834828
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {69B502DF-D12F-4FD7-9892-D8DFA2D96474} (OfficeScan Management
Console) - https://172.16.10.102/officescan/console/html/AtxConsole.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online
Scanner
2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {A050E865-64E3-431B-8079-F0DFCEA90A2D} (PieChart Class) -
https://172.16.10.102/officescan/console/html/AtxPie.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O16 - DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} (Security Server
Management Console) -
https://172.16.10.100/SMB/console/html/root/AtxConsole.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{59DD1946-28AA-4CE9-8493-DC4DDF466962}:
NameServer = 195.29.150.3,195.29.150.4
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: pcAnywhere Host Service - Symantec Corporation -
C:\Program
Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Cherry Device Interface - Cherry Gmbh, Auerbach Germany,
www.cherry.de - C:\Program Files\Cherry\CDI\CDI.exe
O23 - Service: DriveCrypt Service - Unknown - C:\Program
Files\DriveCrypt\DcrServ.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation -
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\OfcPfwSvc.exe
O23 - Service: Trend Micro Security Server Master Service - Trend Micro
Inc. - C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
O23 - Service: WinAgents TFTP Service - WinAgents Software Group
(http://www.winagents.com) - C:\PROGRA~1\WINAGE~1\TFTPSE~1\TFTPd.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener - Trend
Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\tmlisten.exe
O23 - Service: TuneUp WinStyler Theme Service - TuneUp Software GmbH -
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Click to expand...
Click to expand...
 
V

Vjeran

i already tried that,,, with msconfig, hijackthis, autoruns from
sysinternals and other similar programs... and removed everything connected
with sygate and wingate.... first time with sygate i suceeded, but not after
wingate...
thx for help anyway anthony

Anthony said:
Have you uninstalled Wingate and Sygate completely?? Try looking at what is
loading automatically when you start Windows. Go to Start>Run and type in
MSCONFIG and hit OK. Then look on the Startup tab and see what all has check
marks by it. Try and determine if it is needed or not. Just uncheck what you
don't want to start automatically, APPLY, OK and restart. If you aren't sure
what something is then just leave it checked. And keep looking at the event
viewer. Clear out all events and then reboot so that you have fresh
information in there. Hope that helps.
Anthony

Vjeran said:
more info:
this problem happend first time whan I had installed sygate personal
firewall, and then sygate pro firewall over the first one and something
went
wrong... but I managed to fix it....

few months after I tried to instal Wingate, and after that system
hanged...
I removed it, but it waits for 10 min. after logon until then...

and there are no logs about that in event viewer..


Vjeran said:
Hello,

i have one big annoying problem. After entering password on logon
Click to expand...
screen
in
windows xp, my computer hangs/waits for cca 10minutes (hdd lamp not
flashing- only first 30s)... loadin your personal preferences...every
time...

i tried to fix it (checking startup options, registry ...) but nothing
worked for me...

does anybody know what could cause the problem

PS
maybe this can help...

Logfile of HijackThis v1.99.0
Scan saved at 12:14:28, on 07.03.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\Program Files\Cherry\KeyMan\KeyMan.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Cherry\CDI\CDI.exe
C:\Program Files\DriveCrypt\DcrServ.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL$NETSDK\Binn\sqlservr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
C:\Program Files\Trend Micro\Security Server\PCCSRV\Web\Service\DbServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
C:\Program Files\Trend Micro\Client Server Security Agent\Pop3Trap.exe
C:\WINDOWS\TEMP\KTC835.EXE
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\inetsrv\DavCData.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\Desktop\Programi\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.com
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program
Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [CherryKeyMan] "C:\Program Files\Cherry\KeyMan\KeyMan.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend
Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS
Updater\DynDNS.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL
Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Download with GetRight - C:\Program
Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program
Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Send to Keyman - C:\Program
Files\Cherry\KeyMan\IEMenuExtKeyman.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O15 - Trusted IP range: http://172.16.10.100
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) -
https://172.16.10.100/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp
Edition
Web-Deployment SetupINICtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp
Edition
Web-Deployment SetupCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setup.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) -
https://172.16.10.102/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp
Edition
Web-Deployment ObjRemoveCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
Click to expand...
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121404834828
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {69B502DF-D12F-4FD7-9892-D8DFA2D96474} (OfficeScan Management
Console) - https://172.16.10.102/officescan/console/html/AtxConsole.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online
Scanner
2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {A050E865-64E3-431B-8079-F0DFCEA90A2D} (PieChart Class) -
https://172.16.10.102/officescan/console/html/AtxPie.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
Click to expand...
http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O16 - DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} (Security Server
Management Console) -
https://172.16.10.100/SMB/console/html/root/AtxConsole.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{59DD1946-28AA-4CE9-8493-DC4DDF466962}:
NameServer = 195.29.150.3,195.29.150.4
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: pcAnywhere Host Service - Symantec Corporation -
C:\Program
Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Cherry Device Interface - Cherry Gmbh, Auerbach Germany,
www.cherry.de - C:\Program Files\Cherry\CDI\CDI.exe
O23 - Service: DriveCrypt Service - Unknown - C:\Program
Files\DriveCrypt\DcrServ.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation -
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\OfcPfwSvc.exe
O23 - Service: Trend Micro Security Server Master Service - Trend Micro
Inc. - C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
O23 - Service: WinAgents TFTP Service - WinAgents Software Group
(http://www.winagents.com) - C:\PROGRA~1\WINAGE~1\TFTPSE~1\TFTPd.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener - Trend
Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\tmlisten.exe
O23 - Service: TuneUp WinStyler Theme Service - TuneUp Software GmbH -
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Click to expand...
Click to expand...
Click to expand...
 
A

Anthony

Your welcome,
Hope you get it figured out
Anthony

Vjeran said:
i already tried that,,, with msconfig, hijackthis, autoruns from
sysinternals and other similar programs... and removed everything
connected
with sygate and wingate.... first time with sygate i suceeded, but not
after
wingate...
thx for help anyway anthony

Anthony said:
Have you uninstalled Wingate and Sygate completely?? Try looking at what is
loading automatically when you start Windows. Go to Start>Run and type in
MSCONFIG and hit OK. Then look on the Startup tab and see what all has check
marks by it. Try and determine if it is needed or not. Just uncheck what you
don't want to start automatically, APPLY, OK and restart. If you aren't sure
what something is then just leave it checked. And keep looking at the event
viewer. Clear out all events and then reboot so that you have fresh
information in there. Hope that helps.
Anthony

Vjeran said:
more info:
this problem happend first time whan I had installed sygate personal
firewall, and then sygate pro firewall over the first one and something
went
wrong... but I managed to fix it....

few months after I tried to instal Wingate, and after that system
hanged...
I removed it, but it waits for 10 min. after logon until then...

and there are no logs about that in event viewer..


Hello,

i have one big annoying problem. After entering password on logon screen
in
windows xp, my computer hangs/waits for cca 10minutes (hdd lamp not
flashing- only first 30s)... loadin your personal preferences...every
time...

i tried to fix it (checking startup options, registry ...) but nothing
worked for me...

does anybody know what could cause the problem

PS
maybe this can help...

Logfile of HijackThis v1.99.0
Scan saved at 12:14:28, on 07.03.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\Program Files\Cherry\KeyMan\KeyMan.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Cherry\CDI\CDI.exe
C:\Program Files\DriveCrypt\DcrServ.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL$NETSDK\Binn\sqlservr.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
C:\Program Files\Trend Micro\Security
Server\PCCSRV\Web\Service\DbServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\Trend Micro\Client Server Security
Agent\OfcPfwSvc.exe
C:\Program Files\Trend Micro\Client Server Security Agent\Pop3Trap.exe
C:\WINDOWS\TEMP\KTC835.EXE
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\inetsrv\DavCData.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\GetRight\GetRight.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\user\Desktop\Programi\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.com
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} -
C:\Program
Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [CherryKeyMan] "C:\Program
Files\Cherry\KeyMan\KeyMan.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend
Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS
Updater\DynDNS.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL
Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Download with GetRight - C:\Program
Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program
Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Send to Keyman - C:\Program
Files\Cherry\KeyMan\IEMenuExtKeyman.html
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O15 - Trusted IP range: http://172.16.10.100
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) -
https://172.16.10.100/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp
Edition
Web-Deployment SetupINICtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp
Edition
Web-Deployment SetupCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/setup.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) -
https://172.16.10.102/officescan/console/html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp
Edition
Web-Deployment ObjRemoveCtrl Class) -
https://172.16.10.100/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121404834828
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {69B502DF-D12F-4FD7-9892-D8DFA2D96474} (OfficeScan Management
Console) -
https://172.16.10.102/officescan/console/html/AtxConsole.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online
Scanner
2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {A050E865-64E3-431B-8079-F0DFCEA90A2D} (PieChart Class) -
https://172.16.10.102/officescan/console/html/AtxPie.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -

http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O16 - DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} (Security Server
Management Console) -
https://172.16.10.100/SMB/console/html/root/AtxConsole.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{59DD1946-28AA-4CE9-8493-DC4DDF466962}:
NameServer = 195.29.150.3,195.29.150.4
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: pcAnywhere Host Service - Symantec Corporation -
C:\Program
Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Cherry Device Interface - Cherry Gmbh, Auerbach
Germany,
www.cherry.de - C:\Program Files\Cherry\CDI\CDI.exe
O23 - Service: DriveCrypt Service - Unknown - C:\Program
Files\DriveCrypt\DcrServ.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation -
C:\Program Files\Common Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime
Scan -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal
Firewall -
Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\OfcPfwSvc.exe
O23 - Service: Trend Micro Security Server Master Service - Trend
Micro
Inc. - C:\Program Files\Trend Micro\Security
Server\PCCSRV\web\service\ofcservice.exe
O23 - Service: WinAgents TFTP Service - WinAgents Software Group
(http://www.winagents.com) - C:\PROGRA~1\WINAGE~1\TFTPSE~1\TFTPd.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener - Trend
Micro Inc. - C:\Program Files\Trend Micro\Client Server Security
Agent\tmlisten.exe
O23 - Service: TuneUp WinStyler Theme Service - TuneUp Software GmbH -
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Click to expand...
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Spoolsv.exe problem - Continued 8
IE redirection problem 2
Cannt access Microsoft Website 1
Microsoft Visual C++ runtime library error (smproxy.exe) 2
HiJack this log: 2
No internet connection works + new computer slowness. HJT log incl 7
question about 7 viruses and worms.please HELP! 3
Please help, Virus problem 0

Top