1.Od 2 dni mam problem z kompem zrobil sie strasznie wolny:(Nawet teraz jak pisze tom wiadomosc on mi sie zaciol 
Gdy wchodze na swoj profil w xp dane laduja sie ze 3 min:(Strony laduja sie dwa razy wolniej niz 2 dni temu:( same przykrosci:(.
2.Mam podejrzenia co do tego a niewiem co to jest.
Nie kapuje??
Ściągnij program Hijackthis 1.99.1. Odpal go, naciśnij “Do a system scan and save a logfile”. Wszystko, co wygeneruje program, te wpisy, kopiujesz i wklejasz na forum!
Podasz mi linka ?? bo na tej stronie merjin nie moge tego znalezc
Trochę samodzielności.
http://216.180.233.162/~merijn/files/HijackThis.exe
Ten link był na stronie głównej Merijn.org.
Prad mi zgasl
Hijack
Logfile of HijackThis v1.99.1
Scan saved at 20:46:19, on 2005-05-01
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
C:\Program Files\Media Pass\MediaPassK.exe
C:\Program Files\Media Pass\MediaPass.exe
C:\PROGRA~1\MAGICW~1\MW1HEL~1.EXE
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\PROGRA~1\DAP\DAP.EXE
C:\Program Files\eDonkey2000\edonkey2000.exe
C:\WINDOWS\System32\lexpps.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
C:\WINDOWS\System32\javaw.exe
C:\Program Files\Avant Browser\avant.exe
C:\Documents and Settings\Marcin\Pulpit\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gadu-gadu.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - _{3FEFA96D-5D9F-4673-B0B0-49980A13899F} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {478BF0C1-4052-4584-0445-3F36599CFDC1} - (no file)
O2 - BHO: MPEG Support Dll - {57A70350-87D9-4EA2-B3AC-C1C1B5296035} - C:\WINDOWS\System32\mpegcore.dll
O2 - BHO: (no name) - {62ED8461-61FF-602C-AC7B-1C9433EA8AC6} - (no file)
O2 - BHO: (no name) - {8F658446-4CE9-4FE3-9FFA-C3BE54027144} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM…\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM…\Run: [sCANINICIO] “C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe”
O4 - HKLM…\Run: [APVXDWIN] “C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE” /s
O4 - HKLM…\Run: [navapp] C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
O4 - HKLM…\Run: [Media Pass] C:\Program Files\Media Pass\MediaPassK.exe
O4 - HKLM…\Run: [MW1HelperStartUp] C:\PROGRA~1\MAGICW~1\MW1HEL~1.EXE /partner MW1
O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM…\Run: [eDonkey2000] “C:\Program Files\eDonkey2000\edonkey2000.exe” -t
O4 - HKCU…\Run: [ares] “C:\Program Files\Ares Lite Edition\Ares.exe” -h
O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [EdHTML] C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe /none
O4 - HKCU…\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - Startup: Azureus.lnk = C:\Program Files\Azureus\Azureus.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.h … xdm119YYPL
O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Dodaj do listy blokowanych reklam - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony… - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Podświetl - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Szukaj - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted IP range: 67.19.185.246 (HKLM)
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\MAIN.MHT! http://toolbarpartner.com//adverts//test3//ddfs.chm::/frame.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Media … dge-c6.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu … .0.8-2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v … 2959123265
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} - http://67.19.185.246/i/8/loader2.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip…{C8883BC2-916B-4C65-B329-8AF74A9B3689}: NameServer = 194.204.159.1,194.204.152.34
O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Wirtualna Polska\wpkontakt\url_wpmsg.dll
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
Wszystkie czynności robisz w trybie awaryjnym z wył. przywracaniem systemu.
Dokładne info:
Cytaty z http://www.searchengines.pl/phpbb203/in … ic=12510#1 .
Kasacja ręczna: całego folderu (pogrubiony)
C:\Program Files\ Media Pass
Wpisy z poziomą kreseczką:
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - _{3FEFA96D-5D9F-4673-B0B0-49980A13899F} - (no file)
Sposób ich usuwania:
Kasacja w Hijacku:
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {478BF0C1-4052-4584-0445-3F36599CFDC1} - (no file)
O2 - BHO: MPEG Support Dll - {57A70350-87D9-4EA2-B3AC-C1C1B5296035} - C:\WINDOWS\System32\mpegcore.dll
O2 - BHO: (no name) - {62ED8461-61FF-602C-AC7B-1C9433EA8AC6} - (no file)
O2 - BHO: (no name) - {8F658446-4CE9-4FE3-9FFA-C3BE54027144} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [navapp] C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
O4 - HKLM\..\Run: [Media Pass] C:\Program Files\Media Pass\MediaPassK.exe
O4 - HKLM\..\Run: [MW1HelperStartUp] C:\PROGRA~1\MAGICW~1\MW1HEL~1.EXE /partner MW1
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm119YYPL
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\\MAIN.MHT!http://toolbarpartner.com//adverts//test3//ddfs .chm::/frame.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c6.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitial Setup1.0.0.8-2.cab
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} - http://67.19.185.246/i/8/loader2.ocx
Następnie: Te wpisy usuwasz programem LSP-FIX - http://www.cexx.org/lspfix.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
Następnie: Wpisy
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted IP range: 67.19.185.246 (HKLM)
usuwasz programem KillTrusted 0.6 - http://www.searchengines.pl/phpbb203/in … opic=26221
PS Masz zarejstrowaną wersję DAP’a?
Zrób wszystko, co napisałem. Potem wklej loga ponownie.
Ale to skomplikowane:DA ten spywar jakis grozny jest??
mam dap’a
Ale zarejestrowanego - czytaj: kupionego czy nie?
Nieważne teraz.
Teraz rób wszystko wg instrukcji.
Nie moge sciagnac tamtych programow:D
Ale woam pisze wlasnie z trybu awaryjnego i powiedzcie mi jak sie obsluguje LSPiX
Odpal LSP-Fix zaznacz “I know what I’m doing” następnie w okienku Keep zaznacz plik który chcesz usunąć i za pomocą strzałki (>>) przenieś go do okienka Remover i kliknij Finish
tylko sam nie wywalaj --podaj na forum te wpisy po lewej stronie
mswock
winrnr
newdonet6_38dll
rsvpsp
ktory usunac
Logfile of HijackThis v1.99.1
Scan saved at 13:21:36, on 2005-05-02
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
C:\PROGRA~1\MAGICW~1\MW1HEL~1.EXE
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\PROGRA~1\DAP\DAP.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\WINDOWS\System32\javaw.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\Upgrader.exe
C:\Documents and Settings\Marcin\Pulpit\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gadu-gadu.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - _{3FEFA96D-5D9F-4673-B0B0-49980A13899F} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {478BF0C1-4052-4584-0445-3F36599CFDC1} - (no file)
O2 - BHO: MPEG Support Dll - {57A70350-87D9-4EA2-B3AC-C1C1B5296035} - C:\WINDOWS\System32\mpegcore.dll
O2 - BHO: (no name) - {62ED8461-61FF-602C-AC7B-1C9433EA8AC6} - (no file)
O2 - BHO: (no name) - {8F658446-4CE9-4FE3-9FFA-C3BE54027144} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM…\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM…\Run: [sCANINICIO] “C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe”
O4 - HKLM…\Run: [APVXDWIN] “C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE” /s
O4 - HKLM…\Run: [navapp] C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
O4 - HKLM…\Run: [Media Pass] C:\Program Files\Media Pass\MediaPassK.exe
O4 - HKLM…\Run: [MW1HelperStartUp] C:\PROGRA~1\MAGICW~1\MW1HEL~1.EXE /partner MW1
O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM…\Run: [eDonkey2000] “C:\Program Files\eDonkey2000\edonkey2000.exe” -t
O4 - HKCU…\Run: [ares] “C:\Program Files\Ares Lite Edition\Ares.exe” -h
O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [EdHTML] C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe /none
O4 - HKCU…\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - Startup: Azureus.lnk = C:\Program Files\Azureus\Azureus.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.h … xdm119YYPL
O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Dodaj do listy blokowanych reklam - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony… - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Podświetl - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Szukaj - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\MAIN.MHT! http://toolbarpartner.com//adverts//test3//ddfs.chm::/frame.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Media … dge-c6.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu … .0.8-2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v … 2959123265
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} - http://67.19.185.246/i/8/loader2.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip…{C8883BC2-916B-4C65-B329-8AF74A9B3689}: NameServer = 194.204.159.1,194.204.152.34
O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Wirtualna Polska\wpkontakt\url_wpmsg.dll
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
jeszcze leci:
boczi dał ci info jak masz to zrobic:
fixuj:
recznie ciachnij:MediaPassK.exe
recznie:Ares.exe" -h
pamietaj wylaczone przywracanie xp i tryb awaryjny
a o dapie juz nie wspomne i jesgo spyware
do roboty
O jeja:D
Mam znow problem mam usunac te media pask ale jak wchodze w program files tam nie ma tego folderu