bardzo prosze o sprawdzenie loga..
Logfile of HijackThis v1.99.1
Scan saved at 15:16:48, on 04/04/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NETROPA\ONE–TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\NETROPA\ONE–TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\NETROPA\ONE–TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\WINRAR\WINRAR.EXE
C:\WINDOWS\TEMP\RAR$EX00.726\HIJACKTHIS.EXE
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/spage.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/spage.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 – BHO: (no name) – {6103A548–A517–11D9–8DA7–000426E353CF} – C:\WINDOWS\SYSTEM\FMGG.DLL
O4 – HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 – HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 – HKLM\..\Run: [SystemTray] SysTray.Exe
O4 – HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One–touch Multimedia Keyboard\MMKeybd.exe
O4 – HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\DirectCD\DIRECTCD.EXE
O4 – HKLM\..\Run: [BtStart] c:\Program Files\Belkin\Bluetooth Software\bin\btstart.exe
O4 – HKLM\..\Run: [bpcpost.exe] c:\windows\SYSTEM\bpcpost.exe
O4 – HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.EXE –off
O4 – HKLM\..\Run: [LoadQM] loadqm.exe
O4 – HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 – HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall
O4 – HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 – HKCU\..\Run: [MsnMsgr] "c:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 – HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SPYSWEEPER.EXE" /0
O12 – Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 – Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O18 – Filter: text/html – {6103A547–A517–11D9–8DA7–0004577CC7BD} – C:\WINDOWS\SYSTEM\FMGG.DLL
O18 – Filter: text/plain – {6103A547–A517–11D9–8DA7–0004577CC7BD} – C:\WINDOWS\SYSTEM\FMGG.DLL
ps. jedno pytanie
w jaki sposob wylaczyc przywracanie systemu w angielskiej wersji win98
z gory dziekuje
tomtom
Scan saved at 15:16:48, on 04/04/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NETROPA\ONE–TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\NETROPA\ONE–TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\NETROPA\ONE–TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\WINRAR\WINRAR.EXE
C:\WINDOWS\TEMP\RAR$EX00.726\HIJACKTHIS.EXE
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/spage.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/spage.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 – BHO: (no name) – {6103A548–A517–11D9–8DA7–000426E353CF} – C:\WINDOWS\SYSTEM\FMGG.DLL
O4 – HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 – HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 – HKLM\..\Run: [SystemTray] SysTray.Exe
O4 – HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One–touch Multimedia Keyboard\MMKeybd.exe
O4 – HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\DirectCD\DIRECTCD.EXE
O4 – HKLM\..\Run: [BtStart] c:\Program Files\Belkin\Bluetooth Software\bin\btstart.exe
O4 – HKLM\..\Run: [bpcpost.exe] c:\windows\SYSTEM\bpcpost.exe
O4 – HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.EXE –off
O4 – HKLM\..\Run: [LoadQM] loadqm.exe
O4 – HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 – HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall
O4 – HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 – HKCU\..\Run: [MsnMsgr] "c:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 – HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SPYSWEEPER.EXE" /0
O12 – Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 – Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O18 – Filter: text/html – {6103A547–A517–11D9–8DA7–0004577CC7BD} – C:\WINDOWS\SYSTEM\FMGG.DLL
O18 – Filter: text/plain – {6103A547–A517–11D9–8DA7–0004577CC7BD} – C:\WINDOWS\SYSTEM\FMGG.DLL
ps. jedno pytanie
w jaki sposob wylaczyc przywracanie systemu w angielskiej wersji win98
z gory dziekuje
tomtom
Odpowiedzi: 3
Nie ma za co.
Czyli OK ?
Czyli OK ?
dzieki serdeczne :D
Do usuniecia se.dll uzyj tego fixa –> http://www.trojaner–info.de/cgi–bin/download.cgi?file=sphjfix
Po uzyciu zrob jeszcze jeden skan HiJackiem i jesli beda jakiekolwiek wpisy z tych ponizszych, usun je.
Po uzyciu zrob jeszcze jeden skan HiJackiem i jesli beda jakiekolwiek wpisy z tych ponizszych, usun je.
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/spage.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/spage.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 – BHO: (no name) – {6103A548–A517–11D9–8DA7–000426E353CF} – C:\WINDOWS\SYSTEM\FMGG.DLL
O4 – HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall
O18 – Filter: text/html – {6103A547–A517–11D9–8DA7–0004577CC7BD} – C:\WINDOWS\SYSTEM\FMGG.DLL
O18 – Filter: text/plain – {6103A547–A517–11D9–8DA7–0004577CC7BD} – C:\WINDOWS\SYSTEM\FMGG.DLL
Ten system nie ma przywracania systemu. Pojawilo sie to dopiero od WinME.dontomeo:
w jaki sposob wylaczyc przywracanie systemu w angielskiej wersji win98
Strona 1 / 1