woly net...login

siemanko

mam problemos z netem neo 512 a transfer mam od 2-10 kB/s

Skanowałem MKS Virem usunal mi dwa trojany aczkolwiek nadal net sie tnie

dzwonilem do tp i gadali ze mam cos z kompem. dodaje login

Logfile of HijackThis v1.99.1
Scan saved at 13:05:50, on 2007-01-28
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilescFosSpeedspd.exe
C:Program Filesmks_vir_2007inMksFwall.exe
C:Program Filesmks_vir_2007inMksPC.exe
C:Program Filesmks_vir_2007inmksvirmonsvc.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSsystem32RunDll32.exe
C:WINDOWSsystem32qttask.exe
C:Program FilesJavajre1.5.0_10injusched.exe
C:Program FilesComPlus ApplicationsDAEMON Toolsdaemon.exe
C:Program FilesTechWheel Mouse5.0MOUSE32A.EXE
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilescFosSpeedcFosSpeed.exe
C:Program FilesLClockLClock.exe
C:WINDOWSsystem32 askswitch.exe
C:Program FilesUnlockerUnlockerAssistant.exe
C:Program FilesVisualTooltipVisualToolTip.exe
C:Program FilesStylerStyler.exe
C:Program FilesWinampwinampa.exe
C:Program Filesmks_vir_2007inmkstray.exe
C:Program Filesmks_vir_2007inmks_mail.exe
C:Program Filesmks_vir_2007inmksregmon.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:Program Filesmks_vir_2007inmksupdate.exe
C:Program FilesGadu-Gadugg.exe
C:Program FilesOperaOpera.exe
C:Documents and Settings123PulpithijackthisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.windowsxlive.net
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.windowsxlive.net
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1Spybot - Search & DestroySDHelper.dll
O2 - BHO: IE7pro - {68C55168-E188-40DF-A514-835FCD78B1BF} - C:Program FilesIE7proIE7pro.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_10inssv.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:Program FilesStylerTBStylerTB.dll
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSsystem32qttask.exe" -atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.5.0_10injusched.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 - HKLM..Run: [DAEMON Tools] "C:Program FilesComPlus ApplicationsDAEMON Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [BearShare] "C:Program FilesBearShareBearShare.exe" /pause
O4 - HKLM..Run: [LWBMOUSE] C:Program FilesTechWheel Mouse5.0MOUSE32A.EXE
O4 - HKLM..Run: [GrooveMonitor] "C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe"
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [cFosSpeed] C:Program FilescFosSpeedcFosSpeed.exe
O4 - HKLM..Run: [LClock] C:Program FilesLClockLClock.exe
O4 - HKLM..Run: [CoolSwitch] C:WINDOWSsystem32 askswitch.exe
O4 - HKLM..Run: [UnlockerAssistant] "C:Program FilesUnlockerUnlockerAssistant.exe"
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKLM..Run: [Vista Sidebar] C:Program FilesVista Sidebarsidebar.exe
O4 - HKLM..Run: [VisualTooltip] C:Program FilesVisualTooltipVisualToolTip.exe
O4 - HKLM..Run: [Blaero Start Orb] C:Program FilesBlaero Start OrbBlaero Start Orb.exe
O4 - HKLM..Run: [Styler] C:Program FilesStylerStyler.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [mkstray] C:Program Filesmks_vir_2007inmkstray.exe
O4 - HKLM..Run: [mks_mail] C:Program Filesmks_vir_2007inmks_mail.exe
O4 - HKLM..Run: [MKSRegmon] C:Program Filesmks_vir_2007inmksregmon.exe
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesCommon FilesAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [MailScanner] C:Program FilesMKS_VIR_2006Mks_mail.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
O8 - Extra context menu item: Download Link Using Mega Manager... - C:Program FilesMegauploadMega Managermm_file.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz z &BitSpirit - C:Program FilesBitSpiritsurl.htm
O9 - Extra button: IE7pro - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program FilesIE7proIE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Ctrl+Alt+7 - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program FilesIE7proIE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_10inssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_10inssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007in\mkslsp.dll
O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007in\mkslsp.dll
O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007in\mkslsp.dll
O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007in\mkslsp.dll
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O15 - Trusted Zone: http://*.mks.com.pl
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O17 - HKLMSystemCCSServicesTcpip..{044BA027-6D98-4F1B-9412-E672E4C123F7}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLMSystemCS1ServicesTcpip..{044BA027-6D98-4F1B-9412-E672E4C123F7}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLMSystemCS2ServicesTcpip..{044BA027-6D98-4F1B-9412-E672E4C123F7}: NameServer = 194.204.152.34 217.98.63.164
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:Program FilesCommon FilesMicrosoft SharedHelphxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:PROGRA~1COMMON~1MICROS~1OFFICE12MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll
O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:Program FilescFosSpeedspd.exe" -service (file missing)
O23 - Service: MksFwall - Unknown owner - C:Program Filesmks_vir_2007inMksFwall.exe
O23 - Service: MksPC - Unknown owner - C:Program Filesmks_vir_2007inMksPC.exe
O23 - Service: MksUpdate - MKS Sp. z o. o. - C:Program Filesmks_vir_2007inmksupdate.exe
O23 - Service: mks_vir file monitor (MksVirMonSvc) - Unknown owner - C:Program Filesmks_vir_2007inmksvirmonsvc.exe
O23 - Service: MkS_Scan - Unknown owner - C:Program Filesmks_vir_2007inmks_scan.exe
O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe

Kod:: C:WINDOWSsystem32 askswitch.exe O4 - HKLM..Run: [Blaero Start Orb] C:Program FilesBlaero Start OrbBlaero Start Orb.exe

usuwasz (folder ręcznie w trybie awaryjnym, a wpis w hjt)

Kod:: O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll

To ci spowalnia neta i kompa muli.
przeinstaluj ,albo zmien

Pozatym porzadek z autostartem zrob,bo kiedys ci ten komp nie ruszy w ogole
Usun zawartosc folderow temp

ps.zainstalu jjeszcze wiecej wodotryskow .

O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll
O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll
O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll
O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll

jak to usunac ??

to mozesz wywalic z autostartu, zbedne wpisy:

O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSsystem32qttask.exe" -atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.5.0_10injusched.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 - HKLM..Run: [BearShare] "C:Program FilesBearShareBearShare.exe" /pause
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesCommon FilesAheadLibNMBgMonitor.exe"

O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe

Panel sterowania >>> Ustawienia regionalne >>> Języki >>> Detale >>> Zaawansowane >>> odznaczyć usługi tekstowe, zrób tak jeżeli nie używasz wielu języków

niunka napisał(a):

Kod:
O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll O10 - Unknown file in Winsock LSP: c:program filesmks_vir_2007inmkslsp.dll

To ci spowalnia neta i kompa muli.
przeinstaluj ,albo zmien

To w tym wypadku nie szkodzi internetowi. Mimo ze to ingerencja w Winsock to jest bezpieczne. Można zostawić. Jeśli usuwać to zobacz do tematu fixy an trudne przypadki.