Skąd sciągnąć powerpointa 95 z internetu


(Adasbimbajs) #1

Witam.Mam pytanie gdzie jest powerpoint 95 pracujący w windows xp.Proszę podać link do programu?

"Silent Runners.vbs", revision 55, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:


HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"Komunikator" = "C:\Program Files\Tlen.pl\tlen.exe" ["o2.pl Sp. z o.o."]

"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]

"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" ["Google Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

"kav" = ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"" ["Kaspersky Lab"]

"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided)

-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"

\InProcServer32(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]

{85589B5D-D53D-4237-A677-46B82EA275F3}(Default) = "WebAssist"

-> {HKLM...CLSID} = "WebAssist"

\InProcServer32(Default) = "C:\WINDOWS\WebAssist.dll" [file not found]

{AA58ED58-01DD-4d91-8333-CF10577473F7}(Default) = (no title provided)

-> {HKLM...CLSID} = "Google Toolbar Helper"

\InProcServer32(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"

-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"

\InProcServer32(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

-> {HKLM...CLSID} = "HyperTerminal Icon Ext"

\InProcServer32(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]

"{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" = "jetAudio"

-> {HKLM...CLSID} = "JetFlExt"

\InProcServer32(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."]

"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}" = "Eudora's Shell Extension"

-> {HKLM...CLSID} = "Eudora's Shell Extension"

\InProcServer32(Default) = "C:\Program Files\Qualcomm\Eudora\EuShlExt.dll" ["Qualcomm Inc."]

"{8e9d6600-f84a-11ce-8daa-00aa004a5691}" = "Shell extensions for NetWare"

-> {HKLM...CLSID} = "NetWare Objects"

\InProcServer32(Default) = "nwprovau.dll" [MS]

"{e3f2bac0-099f-11cf-8daa-00aa004a5691}" = "Shell extensions for NetWare"

-> {HKLM...CLSID} = "NetWare UNC Folder Menu"

\InProcServer32(Default) = "nwprovau.dll" [MS]

"{52c68510-09a0-11cf-8daa-00aa004a5691}" = "Shell extensions for NetWare"

-> {HKLM...CLSID} = "NetWare Hood Verbs"

\InProcServer32(Default) = "nwprovau.dll" [MS]

"{85E0B171-04FA-11D1-B7DA-00A0C90348D6}" = "Ochrona WWW"

-> {HKLM...CLSID} = "Ochrona WWW"

\InProcServer32(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

<> "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}" = "Eudora's Shell Extension"

-> {HKLM...CLSID} = "Eudora's Shell Extension"

\InProcServer32(Default) = "C:\Program Files\Qualcomm\Eudora\EuShlExt.dll" ["Qualcomm Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

-> {HKLM...CLSID} = "WPDShServiceObj Class"

\InProcServer32(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

<> klogon\DLLName = "C:\WINDOWS\system32\klogon.dll" ["Kaspersky Lab"]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}(Default) = "PDF Column Info"

-> {HKLM...CLSID} = "PDF Shell Extension"

\InProcServer32(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\SOFTWARE\Classes*\shellex\ContextMenuHandlers\

Kaspersky Anti-Virus(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

jetAudio(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}"

-> {HKLM...CLSID} = "JetFlExt"

\InProcServer32(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

jetAudio(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}"

-> {HKLM...CLSID} = "JetFlExt"

\InProcServer32(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."]

Kaspersky Anti-Virus(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"]

NetWareUNCMenu(Default) = "{e3f2bac0-099f-11cf-8daa-00aa004a5691}"

-> {HKLM...CLSID} = "NetWare UNC Folder Menu"

\InProcServer32(Default) = "nwprovau.dll" [MS]

Group Policies {GPedit.msc branch and setting}:


Note: detected settings may not have any effect.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) dword:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:


Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\Documents and Settings\Adam\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"

Enabled Scheduled Tasks:


"At1" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At2" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At3" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At4" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At5" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At6" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At7" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At8" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At9" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At10" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At11" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At12" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At13" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At14" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At15" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At16" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At17" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At18" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At19" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At20" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At21" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At22" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At23" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

"At24" -> launches: "C:\WINDOWS\system32\Rfxu84G0.exe" [file not found]

Winsock2 Service Provider DLLs:


Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000004\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 18

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:


Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"

-> {HKLM...CLSID} = "&Google"

\InProcServer32(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"

-> {HKLM...CLSID} = "&Google"

\InProcServer32(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\

"{12C65305-B33D-4963-8905-C39CC1813C44}" = (no title provided)

-> {HKLM...CLSID} = "&Gooru Toolbar"

\InProcServer32(Default) = "C:\PROGRA~1\Gooru\GOORUT~1.DLL" [null data]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)

-> {HKLM...CLSID} = "&Google"

\InProcServer32(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]

Explorer Bars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

HKLM\SOFTWARE\Classes\CLSID{12C65305-B33D-4963-8905-C39CC1813C44}(Default) = "&Gooru Toolbar"

Implemented Categories{00021494-0000-0000-C000-000000000046}\ [horizontal bar]

InProcServer32(Default) = "C:\PROGRA~1\Gooru\GOORUT~1.DLL" [null data]

HKLM\SOFTWARE\Classes\CLSID{85E0B171-04FA-11D1-B7DA-00A0C90348D6}(Default) = "Ochrona WWW"

Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\

{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\

"ButtonText" = "Ochrona WWW"

Running Services (Display Name, Service Name, Path {Service DLL}):


Kaspersky Anti-Virus Home Edition 6.0, AVP, ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r" ["Kaspersky Lab"]

Usługa klienta dla systemu NetWare, NWCWorkstation, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\nwwks.dll" [MS]}

---------- (launch time: 2008-01-16 14:55:38)

<>: Suspicious data at a malware launch point.

  • This report excludes default entries except where indicated.

  • To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

  • To search all directories of local fixed drives for DESKTOP.INI

DLL launch points, use the -supp parameter or answer "No" at the

first message box and "Yes" at the second message box.

---------- (total run time: 245 seconds, including 8 seconds for message boxes)

przypuszczam że nie mam tego programu ale znam się na logach


(Asterisk) #2

Proszę o wyjasnienie na PW sensu postawienia tego

tematu.W przeciwnym razie zostanie skasowany