Internet konekcija, sumnja > virus ?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 07 Feb 2010 21:00

Pozdrav, trudicu se da otvorim temu prema pravilima...

- Svakih 4-5 minuta puca internet konekcija, ponekad umijesto jednog levog klika, on ''odradi'' 2, a ponekad kao da sam pritisnuo desni
- Ovo sa internetom ima 2-3 dana, a sa kikom 15-ak
- KIS 2010 cesta blokira napade sa nekih ip adresa
- WiMax 512/256


DDS (Ver_09-12-01.01) - NTFSx86
Run by pc at 20:42:28,51 on ned 07.02.2010
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_12
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.379 [GMT 1:00]

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Di recnik\Di.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\pc\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Di dictionary] "c:\program files\di recnik\Di.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [C-Media Mixer] Mixer.exe /startup
mRun: [OrderReminder] c:\program files\hewlett-packard\orderreminder\OrderReminder.exe
mRun: [BtTray] "c:\program files\ivt corporation\bluesoleil\BtTray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Prevedi sa Di recnikom - c:\program files\di recnik\diie.htm
IE: Send by Bluetooth - c:\program files\ivt corporation\bluesoleil\transsend\ie\tsinfo.htm
IE: Send via &Message... - c:\program files\ivt corporation\bluesoleil\transsend\ie\tssms.htm
IE: Translate with Di dictionary -
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\pc\applic~1\mozilla\firefox\profiles\zr6jjqp2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\documents and settings\pc\application data\mozilla\firefox\profiles\zr6jjqp2.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-7-31 20616]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880]
R0 Vax347b;Vax347b;c:\windows\system32\drivers\Vax347b.sys [2009-8-18 159616]
R0 Vax347s;Vax347s;c:\windows\system32\drivers\Vax347s.sys [2009-8-18 5248]
R1 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2009-9-1 128016]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-1-21 315408]
R2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe [2009-10-20 340456]
R2 BsMobileCS;BsMobileCS;c:\program files\ivt corporation\bluesoleil\BsMobileCS.exe [2008-8-1 143467]
R2 StarWindService;StarWind iSCSI Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindService.exe [2005-4-2 217600]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-7-2 26248]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2009-9-14 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 19472]

=============== Created Last 30 ================

2010-02-07 12:41:57 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-02-07 12:41:57 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-01-26 17:27:01 0 d-----w- c:\program files\nettvplayer2.0
2010-01-25 10:56:08 3255 ----a-w- c:\windows\system32\wbem\Outlook_01ca9dad00033556.mof
2010-01-24 13:53:29 0 d-----w- c:\program files\NetTVPlus Player
2010-01-21 15:01:43 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2010-01-21 15:01:43 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2010-01-21 14:59:54 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2010-01-21 14:59:53 0 d-----w- c:\program files\Kaspersky Lab
2010-01-21 14:57:59 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2010-01-11 10:11:11 0 d-----w- C:\Seka Aleksic 2009

==================== Find3M ====================


============= FINISH: 20:43:40,07 ===============


mycity.rs/must-login.png

mycity.rs/must-login.png

Jos nesto, prosli put kad sam imao problem, trazili ste mi jos brdo ovih skenova da odradim, komp je potpuno zabudalio posle, i zavrsi u servisu. Ne bih ovaj put da im dajem novac.

Hvala !

Dopuna: 07 Feb 2010 21:04

Evo jos jedna slika gde se vidi taj napad...

P.S. Zamolio bih jos nekog, kad se sve ovo resi, nadam se uspesno, da me posavetuje, moze i na pm oko kompletne zastite, posto vec duze kuburim sa njom.

Hvala

Dopuna: 07 Feb 2010 21:05

Zaboravih fotku




Dopuna: 07 Feb 2010 21:06

Evo fotka, moze gornja delete

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Sto se tice ovih napada :

http://www.mycity.rs/Firewall-programi/Napada-me-n.....tml#132239

Sto se tice loga : Cist je.

Sto se tice zastite(posto ti je Kaspersky trial a kazes da ti se ne daju pare)

Najpopularniji FW programi :

Comodo Internet Security
Online Armor Free
Outpost Firewall Free
PC Tools Firewall Plus
ZoneAlarm Free Firewall


Napopularniji AV programi :

Avast! Free Antivirus
Avira AntiVir Personal Edition
AVG Anti-Virus Free Edition
Microsoft Security Essentials

To je to.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Znaci ne puca mi veza zbog nekog virusa i sl. ?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Kolko ja vidim, nemas nista sto bi moglo da uzrokuje tako ozbiljne probleme.

Kazi mi samo nesto. Jel si pokusavao pokrenuti GMER?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Jesam, al' prijavljuje gresku...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ok.. ovde je sve cisto.. To bi bilo to.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 07 Feb 2010 22:26

Vazi hvala onda...

Dopuna: 07 Feb 2010 23:02

Da pitam jos, ima li KIS trial neke mane u odnosu na full verziju u pogledu zastite ?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Kolko ja znam, nema..al mozda je bolje ipak da pogledas na njihovom sajtu...Znam samo da kad istekne trial vise se nece updateovati.