prosze o sprawdzenie loga

IP: *.neoplus.adsl.tpnet.pl 31.10.05, 17:48
Logfile of HijackThis v1.99.1
Scan saved at 17:44:07, on 05-10-31
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
D:\KASPERSKY ANTI-VIRUS PERSONAL\KAVSVC.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\NEOSTRADA TP\CNXMON.EXE
C:\PROGRAM FILES\NEOSTRADA TP\TASKBARICON.EXE
D:\KASPERSKY ANTI-VIRUS PERSONAL\KAV.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\SAGEM\SAGEM F@ST 800-840\DSLMON.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\NEOSTRADA TP\NEOSTRADATP.EXE
C:\PROGRAM FILES\NEOSTRADA TP\COMCOMP.EXE
C:\PROGRAM FILES\NEOSTRADA TP\WATCH.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
D:\EMULE\EMULE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) =
clearsurfing.net/srch.php?qq=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
szukaj.wp.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
res://C:\WINDOWS\SYSTEM\PROTECT32.DLL/sp.html (obfuscated)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.gazeta.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
res://C:\WINDOWS\SYSTEM\PROTECT32.DLL/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
res://C:\WINDOWS\SYSTEM\PROTECT32.DLL/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
res://C:\WINDOWS\SYSTEM\PROTECT32.DLL/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
res://C:\WINDOWS\SYSTEM\PROTECT32.DLL/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada
TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} -
C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {59274CD1-8E4E-1325-A97B-8F86DE08B187} -
MNTP.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0 CE\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} -
C:\WINDOWS\LOCALNRD.DLL
O2 - BHO: (no name) - {68F03B00-6D91-11D9-A89A-00079506C84D} -
C:\WINDOWS\SYSTEM\MSDDA.DLL (file missing)
O2 - BHO: (no name) - {76DB2861-6D91-11D9-A89A-000716BF293A} -
C:\WINDOWS\SYSTEM\PROTECT32.DLL (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: FreshBar - {06ABAA2D-34AB-4902-A326-409BD9B9A7A5} -
C:\WINDOWS\SYSTEM\IESP1.DLL (file missing)
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM\..\Run: [C-Media Mixer] C:\Program Files\PCI Audio
Applications\Bin\AudioRack.exe /MixerStartup
O4 - HKLM\..\Run: [LWBMOUSE] C:\PROGRA~1\NETMOU~1\V2.0\NETMOUSE.EXE
O4 - HKLM\..\Run: [SiSSWLED] C:\WINDOWS\SYSTEM\sisswled.exe
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [Linksts] Linksts.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRAM FILES\NEOSTRADA
TP\taskbaricon.exe
O4 - HKLM\..\Run: [egpzgfbqboy] C:\WINDOWS\SYSTEM\srzwzk.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\PROGRAM FILES\WEB_REBATES\WebRebates0.exe"
O4 - HKLM\..\Run: [uio] Dest068.exe
O4 - HKLM\..\Run: [xwiz] powerdll.exe
O4 - HKLM\..\Run: [AdTools Service] C:\PROGRAM FILES\ADTOOLS
SERVICE\ADTOOLS.EXE
O4 - HKLM\..\Run: [SPRESTRST] C:\WINDOWS\SYSTEM\SPRESTRST.EXE
O4 - HKLM\..\Run: [KAVPersonal50] "D:\Kaspersky Anti-Virus
Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [RNBOStart] C:\WINDOWS\SYSTEM\RNBOSENT\SENTSTRT.EXE
O4 - HKLM\..\RunServices: [kavsvc] "D:\Kaspersky Anti-Virus
Personal\kavsvc.exe"
O4 - HKCU\..\Run: [WareOut] "C:\Program Files\WareOut\WareOut.exe"
O4 - HKCU\..\Run: [newbreed] zantu.exe
O4 - HKCU\..\Run: [prcmon] ms-its.exe
O4 - HKCU\..\Run: [SAPSTR] WTFCTF.exe
O4 - Startup: Microsoft Office.lnk = C:\WINDOWS\Dane
aplikacji\Microsoft\Installer\{00000415-78E1-11D2-B60F-006097C998E7}\misc.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840
\dslmon.exe
O8 - Extra context menu item: Web Rebates - file://C:\PROGRAM
FILES\WEB_REBATES\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .au: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O15 - Trusted Zone: *.63.219.181.7
O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
O18 - Filter: text/html - {76DB2860-6D91-11D9-A89A-000779F38CA1} -
C:\WINDOWS\SYSTEM\PROTECT32.DLL
O18 - Filter: text/plain - {76DB2860-6D91-11D9-A89A-000779F38CA1} -
C:\WINDOWS\SYSTEM\PROTECT32.DLL
    • Gość: Kolobos Re: prosze o sprawdzenie loga IP: *.warszawa.sdi.tpnet.pl 31.10.05, 18:02
      Uzyj tego:
      cwshredder.net/bin/CWShredder.exe
      hsremove.com/hsremove.exe
      www.malwarebytes.biz/AboutBuster.zip
      www.derbilk.de/SpSeHjfix109.zip
      Usun w hijackthis:

      R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) =
      clearsurfing.net/srch.php?qq=%s
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
      about:blank
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
      about:blank
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
      szukaj.wp.pl
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
      res://C:\WINDOWS\SYSTEM\PROTECT32.DLL/sp.html (obfuscated)
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
      www.gazeta.pl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
      res://C:\WINDOWS\SYSTEM\PROTECT32.DLL/sp.html (obfuscated)
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
      res://C:\WINDOWS\SYSTEM\PROTECT32.DLL/sp.html (obfuscated)
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
      about:blank
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      res://C:\WINDOWS\SYSTEM\PROTECT32.DLL/sp.html (obfuscated)
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      about:blank
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      res://C:\WINDOWS\SYSTEM\PROTECT32.DLL/sp.html (obfuscated)
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      about:blank
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada
      TP
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} -
      C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
      R3 - URLSearchHook: (no name) - {59274CD1-8E4E-1325-A97B-8F86DE08B187} -
      MNTP.dll (file missing)
      O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} -
      C:\WINDOWS\LOCALNRD.DLL
      O2 - BHO: (no name) - {68F03B00-6D91-11D9-A89A-00079506C84D} -
      C:\WINDOWS\SYSTEM\MSDDA.DLL (file missing)
      O2 - BHO: (no name) - {76DB2861-6D91-11D9-A89A-000716BF293A} -
      C:\WINDOWS\SYSTEM\PROTECT32.DLL (file missing)
      O3 - Toolbar: FreshBar - {06ABAA2D-34AB-4902-A326-409BD9B9A7A5} -
      C:\WINDOWS\SYSTEM\IESP1.DLL (file missing)
      O4 - HKLM\..\Run: [egpzgfbqboy] C:\WINDOWS\SYSTEM\srzwzk.exe
      O4 - HKLM\..\Run: [WebRebates0] "C:\PROGRAM FILES\WEB_REBATES\WebRebates0.exe"
      O4 - HKLM\..\Run: [uio] Dest068.exe
      O4 - HKLM\..\Run: [xwiz] powerdll.exe
      O4 - HKLM\..\Run: [AdTools Service] C:\PROGRAM FILES\ADTOOLS
      SERVICE\ADTOOLS.EXE <- usuwasz katalog ADTOOLS
      O4 - HKLM\..\Run: [SPRESTRST] C:\WINDOWS\SYSTEM\SPRESTRST.EXE
      O4 - HKCU\..\Run: [WareOut] "C:\Program Files\WareOut\WareOut.exe"
      O4 - HKCU\..\Run: [newbreed] zantu.exe
      O4 - HKCU\..\Run: [prcmon] ms-its.exe
      O4 - HKCU\..\Run: [SAPSTR] WTFCTF.exe
      O4 - Startup: Microsoft Office <- usun skrot z autostartu
      O4 - Startup: PowerReg SchedulerV2.exe <- usun plik
      O8 - Extra context menu item: Web Rebates - file://C:\PROGRAM
      FILES\WEB_REBATES\Sy1150\Tp1150\scri1150a.htm <- usun katalog WEB_REBATES
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
      C:\WINDOWS\web\related.htm
      O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
      00aa003c157a} - C:\WINDOWS\web\related.htm
      O15 - Trusted Zone: *.63.219.181.7
      O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
      O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
      O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
      O16 - DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
      O18 - Filter: text/html - {76DB2860-6D91-11D9-A89A-000779F38CA1} -
      C:\WINDOWS\SYSTEM\PROTECT32.DLL
      O18 - Filter: text/plain - {76DB2860-6D91-11D9-A89A-000779F38CA1} -
      C:\WINDOWS\SYSTEM\PROTECT32.DLL

      Wszystkie wymienione pliki kasujesz z dysku.

      Przeskanuj tez tym:
      www.safer-networking.org/pl/mirrors/index.html <- SpyBot S&D ->
      przeskanuj i wlacz ochrone przegladarki
      www.javacoolsoftware.com/spywareblaster.html <- SpywareBlaster -> wlacz
      ochrone przegladarki
      oraz download.ewido.net/ewido-setup.exe <- zrob update przed
      skanowaniem, po przeskanowaniu odinstaluj, o ile dziala pod 9x.

      Po wszystkim wklej nowy log.
      • Gość: xeper Re: prosze o sprawdzenie loga IP: *.neoplus.adsl.tpnet.pl 31.10.05, 18:52
        po zastosowaniu się do Twoich wskazówek log wygląda następująco:

        Logfile of HijackThis v1.99.1
        Scan saved at 18:49:17, on 05-10-31
        Platform: Windows 98 SE (Win9x 4.10.2222A)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        C:\WINDOWS\SYSTEM\KERNEL32.DLL
        C:\WINDOWS\SYSTEM\MSGSRV32.EXE
        C:\WINDOWS\SYSTEM\MPREXE.EXE
        C:\WINDOWS\SYSTEM\MSTASK.EXE
        D:\KASPERSKY ANTI-VIRUS PERSONAL\KAVSVC.EXE
        C:\WINDOWS\SYSTEM\mmtask.tsk
        C:\WINDOWS\EXPLORER.EXE
        C:\WINDOWS\SYSTEM\INTERNAT.EXE
        C:\WINDOWS\TASKMON.EXE
        C:\WINDOWS\SYSTEM\SYSTRAY.EXE
        C:\WINDOWS\SYSTEM\ATICWD32.EXE
        C:\WINDOWS\SYSTEM\ATITASK.EXE
        C:\WINDOWS\SYSTEM\WMIEXE.EXE
        C:\WINDOWS\SYSTEM\STIMON.EXE
        C:\PROGRAM FILES\NEOSTRADA TP\CNXMON.EXE
        C:\PROGRAM FILES\NEOSTRADA TP\TASKBARICON.EXE
        D:\KASPERSKY ANTI-VIRUS PERSONAL\KAV.EXE
        C:\PROGRAM FILES\SAGEM\SAGEM F@ST 800-840\DSLMON.EXE
        C:\WINDOWS\SYSTEM\RNAAPP.EXE
        C:\WINDOWS\SYSTEM\TAPISRV.EXE
        C:\PROGRAM FILES\NEOSTRADA TP\NEOSTRADATP.EXE
        C:\PROGRAM FILES\NEOSTRADA TP\COMCOMP.EXE
        C:\PROGRAM FILES\NEOSTRADA TP\WATCH.EXE
        C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
        C:\WINDOWS\SYSTEM\DDHELP.EXE
        C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
        www.gazeta.pl/
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
        C:\PROGRAM FILES\ADOBE\ACROBAT 5.0 CE\READER\ACTIVEX\ACROIEHELPER.OCX
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
        C:\WINDOWS\SYSTEM\MSDXM.OCX
        O4 - HKLM\..\Run: [internat.exe] internat.exe
        O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
        O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
        O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
        O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
        powrprof.dll,LoadCurrentPwrScheme
        O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
        O4 - HKLM\..\Run: [AtiKey] Atitask.exe
        O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
        O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe
        O4 - HKLM\..\Run: [C-Media Mixer] C:\Program Files\PCI Audio
        Applications\Bin\AudioRack.exe /MixerStartup
        O4 - HKLM\..\Run: [LWBMOUSE] C:\PROGRA~1\NETMOU~1\V2.0\NETMOUSE.EXE
        O4 - HKLM\..\Run: [SiSSWLED] C:\WINDOWS\SYSTEM\sisswled.exe
        O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
        O4 - HKLM\..\Run: [Linksts] Linksts.exe
        O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
        O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
        O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
        O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRAM FILES\NEOSTRADA TP\taskbaricon.exe
        O4 - HKLM\..\Run: [KAVPersonal50] "D:\Kaspersky Anti-Virus
        Personal\kav.exe" /minimize
        O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
        O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
        powrprof.dll,LoadCurrentPwrScheme
        O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
        O4 - HKLM\..\RunServices: [RNBOStart] C:\WINDOWS\SYSTEM\RNBOSENT\SENTSTRT.EXE
        O4 - HKLM\..\RunServices: [kavsvc] "D:\Kaspersky Anti-Virus Personal\kavsvc.exe"
        O4 - Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
        O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
        O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
        O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
        O12 - Plugin for .au: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
        O15 - Trusted Zone: *.63.219.181.7

        jednak nie mogę usunąć w HijackThis tego wpisu:
        O15 - Trusted Zone: *.63.219.181.7
        po usunięciu znowu się pojawia...
        • Gość: Kolobos Re: prosze o sprawdzenie loga IP: *.warszawa.sdi.tpnet.pl 31.10.05, 19:23
          Uzyj tego:
          www.searchengines.pl/phpbb203/index.php?act=Attach&type=post&id=459

          Najlepiej zmien tez przegladarke na Opere.
          • Gość: xeper Re: prosze o sprawdzenie loga IP: *.neoplus.adsl.tpnet.pl 31.10.05, 19:32
            Tobie tez ten link "nie wchodzi"?:)
            Dzięki za pomoc!! a Oprey używam "zamiennie" z IE, ale wydaje mi się że wolniej
            otwiera strony (może to tylko złudzenie).
            • Gość: Kolobos Re: prosze o sprawdzenie loga IP: *.warszawa.sdi.tpnet.pl 31.10.05, 22:03
              Cos im sie zepsulo, dlatego link nie dziala.
              • Gość: tata1959 Re: prosze o sprawdzenie loga IP: *.neoplus.adsl.tpnet.pl 01.11.05, 00:19
                witam
                hmm..O15 - Trusted Zone: *.63.219.181.7 >>>to Rootkit "Windows Security Center"
                ale tak jak napisał @Kolobos mamy problemy na forum,musisz zaczekać.

                pozdrawiam

                .
Pełna wersja