My internet isn't working

offline
  • Joined: 01 Oct 2003
  • Posts: 2383
  • Location: Beograd

So, here's the thing. Last night everything seemed normal; this morning I turn on the computer and the only thing that started was ICQ. My first thought is that this piece of crap from Huawei isn't working again, so I restart it. I turn it on, and again only ICQ connected (MSN and GTalk don't work). Since I use Opera, I start it, it loads one forum, I'm happy because at least something works, and after 15 min it won't load a single page there either.
I turn off that little piece of crap from Telekom again, thinking that's the problem, leave it switched off for about half an hour, turn it on, same thing again. I restart the computer and everything is still the same.

I remember to try opening some other site from IE, and what do you know, it works, and so on.... :)

P.S. None of the programs that need the internet work for me: msn, gtalk, weather watcher, poppeeper. Outlook will download mail. IE and FF load sites, Opera won't even make a peep.

And that's it. The case isn't urgent, because I'm here for about another hour and then I'm off to Bgd and won't be at the computer until Monday/Tuesday.... so there, just so you can see whether it's some virus or whatever.....



Logfile of HijackThis v1.99.1
Scan saved at 10:10:59, on 11.4.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\VTTimer.exe
C:\WINDOWS\System32\VTtrayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Weather Watcher\ww.exe
C:\Documents and Settings\Administrator\Desktop\poludecu\hlm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link visible only to logged-in users]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [MECA] C:\Program Files\Meca\\Meca.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [Link visible only to logged-in users]
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe



offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

There is nothing in the log.

Let's also try the following:

Download ComboFix from one of the following addresses to the Desktop:
[Link visible only to logged-in users]
[Link visible only to logged-in users]

Start it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log will appear (C:\ComboFix.txt), which you will copy here for us.


Important: why don't you have Service Pack 2 for Windows installed?



offline
  • Joined: 01 Oct 2003
  • Posts: 2383
  • Location: Beograd

@bobby

I'll do this on Monday/Tuesday, as soon as I get home. Thanks for the help

P.S. don't ask anything about sp2..... the CD has been sitting on my desk since last year and, well....

Addendum: 15 Apr 2008 11:31

There, that's it :(


ComboFix 08-04-14.2 - Administrator 2008-04-15 11:23:39.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.1.1252.1.1033.18.133 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator\Desktop\poludecu\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-03-15 to 2008-04-15 )))))))))))))))))))))))))))))))
.

2008-04-09 20:44 . 2008-04-10 19:58 <DIR> d-------- C:\Temp\Love in the Time of Cholera
2008-04-09 13:24 . 2008-04-09 13:27 <DIR> d-------- C:\Temp\The Five People You Meet in Heaven - prevod!
2008-04-09 13:22 . 2008-04-09 13:24 <DIR> d-------- C:\Temp\Music Within - prevod!
2008-04-05 18:06 . 2008-04-06 15:29 <DIR> d-------- C:\Temp\The Good Night - prevod
2008-04-05 18:05 . 2008-04-09 20:44 <DIR> d-------- C:\Temp
2008-03-30 22:30 . 2008-04-10 19:57 49 --a------ C:\WINDOWS\NeroDigital.ini
2008-03-30 18:09 . 2008-04-15 11:26 5,872,416 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-03-30 18:09 . 2008-04-15 11:26 97,312 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-03-30 18:09 . 2008-04-11 11:38 73,748 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-03-30 18:09 . 2008-04-11 11:38 11,072 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-03-30 18:00 . 2008-03-30 18:16 91,700 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-03-30 18:00 . 2008-03-30 18:00 85,860 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-03-30 17:57 . 2008-03-30 17:57 81,701 --a------ C:\WINDOWS\system32\drivers\klif.cab
2008-03-30 17:55 . 2008-03-30 17:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-03-30 15:46 . 2008-03-30 15:46 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Ahead
2008-03-30 15:44 . 2004-03-03 20:30 125,184 --a------ C:\WINDOWS\system32\drivers\imagesrv.sys
2008-03-30 15:44 . 2004-03-03 20:30 5,504 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys
2008-03-30 15:43 . 2008-03-30 15:44 <DIR> d-------- C:\Program Files\Ahead
2008-03-30 15:43 . 2001-07-06 13:41 569,344 --a------ C:\WINDOWS\system32\imagr5.dll
2008-03-30 15:43 . 2001-07-06 11:44 544,768 --a------ C:\WINDOWS\system32\imagx5.dll
2008-03-30 15:43 . 2001-07-06 17:24 283,920 --a------ C:\WINDOWS\system32\ImagXpr5.dll
2008-03-30 15:43 . 2001-07-09 10:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-03-30 15:43 . 2000-06-26 10:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2008-03-30 15:43 . 2001-06-26 07:15 38,912 --a------ C:\WINDOWS\system32\picn20.dll
2008-03-30 15:42 . 2008-03-30 15:42 75 --a------ C:\WINDOWS\pdf2rtf.INI
2008-03-30 15:41 . 2008-03-30 21:41 1,024 --a------ C:\WINDOWS\system32\pdf2word.DAT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-15 09:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-30 19:38 --------- d-s---w C:\Program Files\PTBSync
2008-03-30 19:34 --------- d-----w C:\Program Files\ICQToolbar
2008-03-30 15:57 --------- d-----w C:\Program Files\Kaspersky Lab
2008-03-30 13:44 --------- d-----w C:\Documents and Settings\Administrator\Application Data\POP Peeper
2008-03-30 13:43 --------- d-----w C:\Program Files\Common Files\Ahead
2008-03-18 10:46 --------- d-----w C:\Program Files\Java
2008-03-08 13:53 454,656 ----a-w C:\Program Files\putty.exe
2008-03-08 13:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-08 13:41 --------- d-----w C:\Program Files\Common Files\Deterministic Networks
2008-03-08 13:41 --------- d-----w C:\Program Files\Cisco Systems
2008-02-28 09:32 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ICQ Toolbar
2008-02-28 07:25 --------- d-----w C:\Program Files\ICQ6
2008-02-26 11:26 --------- d-----w C:\Program Files\Opera
2008-02-23 08:48 --------- d-----w C:\Program Files\POP Peeper
2008-02-19 15:50 --------- d-----w C:\Program Files\Google
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 09:41 13312]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"MECA"="C:\Program Files\Meca\\Meca.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2005-03-11 05:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-11-04 06:15 163840 C:\WINDOWS\system32\VTTrayp.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 05:04 2879488 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-12 03:58 16264192 C:\WINDOWS\RTHDCPL.exe]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 17:35 32768]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20 227328]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 23:22 3739648]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-12-18 00:43 227856]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 09:41 13312]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]
WordWeb.lnk - C:\Program Files\WordWeb\wweb32.exe [2007-04-22 14:44:13 20992]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\strkjhk]
C:\WINDOWS\bdir\sdflkj3.exe

R3 ham50;Intel V92 HaM Data Fax Voice;C:\WINDOWS\System32\DRIVERS\IntelH51.sys [2001-08-06 15:11]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\System32\DRIVERS\klim5.sys [2007-12-13 13:28]

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2008-04-15 11:26:56
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 2

**************************************************************************
.
Completion time: 2008-04-15 11:28:26
ComboFix-quarantined-files.txt 2008-04-15 09:28:21

Pre-Run: 5,932,122,112 bytes free
Post-Run: 6,054,363,136 bytes free

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Hmmm... The last part of the log says that there are two hidden files, but it doesn't give their names or paths.

Do the following:
Download the file gmer.zip from this link and save it to the Desktop.
Extract it into a folder.

Double-click gmer.exe to start: select the Rootkit/Malware tab at the top.
Click Scan.
When the scan is finished, click the Copy button below - this will save it to the Clipboard.
In the message field on the forum, right-click and choose the Paste option.


If the log can't fit in the message, then attach it to the message (the Attach file option).
