CentrumXP Forum Tematyka portalu CentrumXP.pl Bezpieczeństwo Moźe rzuci ktoś fachowym okiem na takowy log

Moźe rzuci ktoś fachowym okiem na takowy log

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:PROGRAM FILESMKSBINNETMONSV.EXE
C:WINDOWSAGRSMMSG.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:PROGRAM FILESMKSBINMKS_MON.EXE
C:PROGRAM FILESMKSBINMKS_MENU.EXE
C:PROGRAM FILESSAGEMSAGEM F@ST 800–840DSLMON.EXE
C:PROGRAM FILESHEWLETT–PACKARDAIOHP OFFICEJET 5100 SERIESBINHPOANT07.EXE
C:PROGRAM FILESHEWLETT–PACKARDAIOHP OFFICEJET 5100 SERIESFRUREMIND32.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:PROGRAM FILESMKSBINMKS_SCAN.EXE
C:PROGRAM FILESHEWLETT–PACKARDAIOSHAREDBINHPOEVM07.EXE
C:WINDOWSSYSTEMHPOIPM07.EXE
C:PROGRAM FILESHEWLETT–PACKARDAIOSHAREDBINHPOSTS07.EXE
C:PROGRAM FILESHEWLETT–PACKARDAIOSHAREDBINHPOFXM07.EXE
C:PROGRAM FILESGADU–GADUGG.EXE
C:PROGRAM FILESODTWARZACZ MULTIMEDIALNYMPLAYER2.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:PROGRAM FILESHEWLETT–PACKARDHP SHARE–TO–WEBHPGS2WNF.EXE
C:WINDOWSPULPITHIJACKTHISHIJACKTHIS.EXE

R1 – HKLMSoftwareMicrosoftInternet Explorer,SearchURL = about:blank
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://szukaj.wp.pl
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.interia.pl/
R0 – HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = www.interia.pl
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 – HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:PROGRAM FILESADOBEACROBAT 6.0 CEREADERACTIVEXACROIEHELPER.DLL
O2 – BHO: (no name) – {36B36ADC–80DE–434D–AE44–B4CA8E4D00D3} – (no file)
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:PROGRA~1SPYBOT~1SDHELPER.DLL
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSYSTEMMSDXM.OCX
O4 – HKLM..Run: [MKS_MON] C:Program FilesMKSBinmks_mon.exe
O4 – HKLM..Run: [MKS_MENU] C:Program FilesMKSBinmks_menu.exe
O4 – HKLM..Run: [autoclk] autoclk.exe
O4 – HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM..RunServices: [MksMailService] C:PROGRAM FILESMKSBINNETMONSV.EXE
O4 – Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
O4 – Startup: HPAiODevice(hp officejet 5100 series) – 1.lnk = C:Program FilesHewlett–PackardAiOhp officejet 5100 seriesBinhpoant07.exe
O4 – Startup: Hewlett–Packard Recorder.lnk = C:Program FilesHewlett–PackardAiOhp officejet 5100 seriesFRURemind32.exe
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:WINDOWSSYSTEMMSJAVA.DLL
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:WINDOWSSYSTEMMSJAVA.DLL
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – ms–its:mhtml:file://c: osuxyz.mht!http://213.158.119.18/auto/loudtorg.chm::/bridge–c46.cab

Dodam źe jest to sys 98
Z góry THX

Odpowiedzi: 1

Do usuniecia:

O2 – BHO: (no name) – {36B36ADC–80DE–434D–AE44–B4CA8E4D00D3} – (no file)
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – ms–its:mhtml:file://c: osuxyz.mht!http://213.158.119.18/auto/loudtorg.chm::/bridge–c46.cab

Bobi

Dodano: 23.12.2004 16:02:01

Arias

Dodano:: 23.12.2004 14:11:20
Komentarzy:: 1

Strona 1 / 1