
Dobra do rzeczy. Sprawa jest prosta. Jak nauczyć się ( gdzie, co wykuć itp. ) rozpoznawania który wpis Ok, który nie itp. w logu??
SER napisał(a):3. Z czasem Twoja wiedza będzie już na tyle rozległa, że będziesz mógł sprawdzać logi
andig napisał(a):R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/spad/start.html
R3 - Default URLSearchHook is missing
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)N1 - Netscape 4: user_pref("browser.startup.homepage", "www.google.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
N2 - Netscape 6: user_pref("browser.startup.homepage", "http://www.google.com"); (C:\Documents and Settings\User\Application Data\Mozilla\Profiles\defaulto9t1tfl.slt\prefs.js)
N2 - Netscape 6: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%206%5Csearchplugins%5CSBWeb_02.src"); (C:\Documents and Settings\User\Application Data\Mozilla\Profiles\defaulto9t1tfl.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.yahoo.com"); (C:WINDOWSApplication DataMozillaProfilesdefaultl7ujgpwv.sltprefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_02.src"); (C:WINDOWSApplication DataMozillaProfilesdefaultl7ujgpwv.sltprefs.js)
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O5 - control.ini: inetcpl.cpl=no
O11 - Options group: [!CNS] JWord(
O11 - Options group: [CommonName] CommonName
O15 - Trusted Zone: *.coolwebsearch.com
O15 - Trusted Zone: *.i-lookup.com
O15 - Trusted Zone: *.offshoreclicks.com
O15 - Trusted Zone: *.teensguru.com
O15 - Trusted Zone: *.msn.com
O15 - Trusted Zone: http://free.aol.com
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in Trusted Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'https' protocol is in Trusted Zone, should be Internet Zone (HKLM)
O18 - Protocol: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82}
O20 - AppInit_DLLs: C:\WINDOWS\System32\MSGINA268r.dll
O20 - Winlogon Notify: QConGina - C:\WINDOWS\SYSTEM32\QConGina.dll
O20 - Winlogon Notify: ckpNotify - C:\WINDOWS\SYSTEM32\ckpNotify.dll
O21 - SSODL: Cereng - {6C9815A9-1E7F-448F-9802-301134AA8E81} - C:\WINNT\System32\xpie.dll
O21 - SSODL: fqvthm - {BCC90786-1663-AD2C-0D7B-37ECA7FA8695} - C:\WINDOWS\System32\wdb.dll
O21 - SSODL: Nicwin - {9849C720-EB07-11D8-A1ED-00600F782B0D} - C:\WINDOWS\SYSTEM\mfcmidi.dll
O21 - SSODL: SysTrayGUID - {342D5ACA-6747-4740-BE55-12D6966E6534} - c:\windows\system32\netgnd.dll
O21 - SSODL: Winwebext - {f46f437a-435f-49c8-b4af-9320d2354825} - C:\WINDOWS\System32\klengine.dll
itd. Nie moge podać jaki system i Running processes:, bo to są przykłady. I nie jest to log, tylko wpisy powyciągane z róznych działów na tej stronieR0, R1, R2, R3 - Strony startowe i wyszukiwarki IE
"Miejsce" w systemie:
Rejestr ..... a wyniki tego ogląda się przy każdym uruchomieniu przeglądarki.
"Wygląd" w logu:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/spad/start.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/spad/start.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.myexexex.com/search.php?said=spage
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.myexexex.com/search.php?said=spage
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.myexexex.com/searchbar.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.myexexex.com/search.php?said=spage&qq=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.myexexex.com/search.php?said=spage
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.myexexex.com/search.php?said=spage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.myexexex.com/searchbar.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.myexexex.com/search.php?said=spage&qq=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://c:/spad/start.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.myexexex.com/search.php?said=spage&qq=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = tu adresik IP/nazwa domeny + port na którym chodzi proxy
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R2 - (na razie to nie jest pokazywane przez HijackThis)
R3 - Default URLSearchHook is missing
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 9 gości