Srodne teme
Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

Zagusenje interneta i prekid saobracaja - mozda virus?

[es] :: Zaštita :: Zagusenje interneta i prekid saobracaja - mozda virus?

[ Pregleda: 1854 | Odgovora: 7 ] > FB > Twit

Postavi temu Odgovori

Autor
Pretraga teme: Traži
Markiranje Štampanje RSS

msc_bg
Bg

Član broj: 190918
Poruke: 69
*.adsl-1.sezampro.yu.

Sajt: www.OglasiOglasnik.com


Profil

icon Zagusenje interneta i prekid saobracaja - mozda virus?27.03.2009. u 18:19 - pre 184 meseci
E ovako ne znam da li sam potrefio de da postavim temu al ...

Znaci u poslednje 2 nedelje je pocelo da mi se desava sledece: puca im net ili ne pukne a smanji se brzina 10puta - download treba da mi bude 200 a on je maks 100 kb

ovi u tehnickoj podrsci nemaju pojma nista... menjao sam ruter i sve i opet isto

Da li zna neko sta da radim i u cemu je problem??
ako je virus kako da ga nadem i obrisem ako je to u pitanju? da i ponekad kad mi se smanji protok u task manageru pise da explorer.exe trenutno u procesu.

pomagajte ljudi prsnu cu vise a i mozda "potamanim" ove u sezamu

inace imam sezam Adsl 2mb i samo ja koristim net niko drugi. i imam AViru koja nista ne nalazi
 
Odgovor na temu

Nemanja Živanović

Član broj: 212716
Poruke: 459



+4 Profil

icon Re: Zagusenje interneta i prekid saobracaja - mozda virus?27.03.2009. u 18:31 - pre 184 meseci
Pozdrav msc_bg,
Za pocetak skini program HijackThis.

Kada ga preuzmes preimenuj fajl u bilo sta npr. blabla.exe. Pokreni ga i klikni na "Do a system scan and save a logfile". Taj log fajl iskopiraj ovde da vidimo.

Kolega valjan je dao sledece upustvo za proveru, ko ti to zagusuje net:

Citat:
A da bi brzo video koji ti exe gusi net, pogasi sve programe za koje znas da komuniciraju sa netom (browseri, mail clienti, chat programi/messengeri, torrenti/emule-ovi i sl.) i u command promptu kucaj "netstat -abno -p tcp >> c:\davitelj.txt" (umesto "c:\davitelj.txt" mozes staviti bilo koji fajl, bitno je samo da znas kako si ga nazvao jer tamo ces pronaci rezultat netstat komande). Sad otvori taj txt koji si kreirao, i u njemu ignorisi sve one redove gde je "local address" 0.0.0.0 i 127.0.0.1, kao i one gde je "foreign address" 0.0.0.0, 127.0.0.1 i tvoja IP adresa, i od onog sto preostane gledaj samo redove gde imas ESTABLISHED u koloni "state", pa vidi da li se u prvoj koloni spominje neki exe za koji nemas pojma sta je i zapisi njegov PID (nalazi se u poslednjoj koloni u tom redu). Taj program mozes da zaustavis pomocu komande "taskkill /PID xxxx /F", pri cemu umesto xxxx upises taj broj koji si malo pre zapisao. Pa ako ti net posle ovog lakse dise, onda mozes da pokusas rucno da obrises taj fajl koji ti je gusio net.


[Ovu poruku je menjao Nemanja Živanović dana 27.03.2009. u 20:17 GMT+1]
 
Odgovor na temu

msc_bg
Bg

Član broj: 190918
Poruke: 69
*.adsl-1.sezampro.yu.

Sajt: www.OglasiOglasnik.com


Profil

icon Re: Zagusenje interneta i prekid saobracaja - mozda virus?27.03.2009. u 19:43 - pre 184 meseci
restartovao sam komp i uradio log i evo :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:35:20, on 27.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Admin\Desktop\logofajl.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe"
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [Userinit] C:\WINDOWS\system32\windowslive.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Livestation] C:\Program Files\Livestation\Livestation.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.co...t/wuweb_site.cab?1229441351203
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C1078B5-CE74-4DA9-BF50-B0A06576C8D5}: NameServer = 77.105.0.18,77.105.0.19
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA774A96-309E-4D7B-9788-AC5BC1B59AF2}: NameServer = 77.105.0.18,77.105.0.19
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

--
End of file - 11041 bytes
 
Odgovor na temu

Nemanja Živanović

Član broj: 212716
Poruke: 459



+4 Profil

icon Re: Zagusenje interneta i prekid saobracaja - mozda virus?27.03.2009. u 19:59 - pre 184 meseci
Ne vidim neke tregove malware-a. Jel si uradio ono sto sam ti naveo u citatu u mojoj poruci?
 
Odgovor na temu

valjan
Janko Valencik
Software Deployer
Schneider Electric
Novi Sad

Moderator
Član broj: 158605
Poruke: 3531
*.dynamic.sbb.rs.



+553 Profil

icon Re: Zagusenje interneta i prekid saobracaja - mozda virus?27.03.2009. u 22:17 - pre 184 meseci
Meni je i ovaj forenzicki alat svojevremeno pomagao u detekciji programa koji zagusuju mrezu dok nisam naucio dovoljno da ih sam prepoznam:

http://www.mynetwatchman.com/downloads/scu.exe

a vise detalja mozes pronaci na

http://www.mynetwatchman.com/tools/sc/
 
Odgovor na temu

msc_bg
Bg

Član broj: 190918
Poruke: 69
*.adsl-3.sezampro.yu.

Sajt: www.OglasiOglasnik.com


Profil

icon Re: Zagusenje interneta i prekid saobracaja - mozda virus?28.03.2009. u 10:46 - pre 184 meseci
evo sad sam uradio i ja tu ne vidim da nesto ne valja, al evo pa pogledaj ti ako te ne mrzi pa reci da li treba nesto da se zaustavi


Active Connections

Proto Local Address Foreign Address State PID
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1248
c:windowssystem32WS2_32.dll
C:WINDOWSsystem32RPCRT4.dll
c:windowssystem32rpcss.dll
C:WINDOWSsystem32svchost.exe
-- unknown component(s) --
[svchost.exe]

TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
[System]

TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING 1408
C:WINDOWSsystem32httpapi.dll
c:windowssystem32ssdpsrv.dll
C:WINDOWSsystem32RPCRT4.dll
[svchost.exe]

TCP 0.0.0.0:44080 0.0.0.0:0 LISTENING 1492
[AVWEBGRD.EXE]

TCP 0.0.0.0:44110 0.0.0.0:0 LISTENING 784
[avmailc.exe]

TCP 0.0.0.0:50300 0.0.0.0:0 LISTENING 540
[oodag.exe]

TCP 127.0.0.1:1029 0.0.0.0:0 LISTENING 2604
[alg.exe]

TCP 127.0.0.1:5152 0.0.0.0:0 LISTENING 472
[jqs.exe]

TCP 192.168.254.8:139 0.0.0.0:0 LISTENING 4
[System]

TCP 127.0.0.1:2089 127.0.0.1:2090 ESTABLISHED 252
[firefox.exe]

TCP 127.0.0.1:2090 127.0.0.1:2089 ESTABLISHED 252
[firefox.exe]

TCP 127.0.0.1:2095 127.0.0.1:2096 ESTABLISHED 252
[firefox.exe]

TCP 127.0.0.1:2096 127.0.0.1:2095 ESTABLISHED 252
[firefox.exe]

TCP 127.0.0.1:1117 127.0.0.1:44080 CLOSE_WAIT 1476
[SweetIM.exe]

TCP 127.0.0.1:5152 127.0.0.1:2097 CLOSE_WAIT 472
[jqs.exe]

TCP 192.168.254.8:2869 192.168.254.254:1031 CLOSE_WAIT 1408
C:WINDOWSsystem32httpapi.dll
c:windowssystem32ssdpsrv.dll
C:WINDOWSsystem32RPCRT4.dll
[svchost.exe]

TCP 127.0.0.1:2013 127.0.0.1:44080 TIME_WAIT 0
TCP 127.0.0.1:2137 127.0.0.1:44080 TIME_WAIT 0
TCP 127.0.0.1:2149 127.0.0.1:44080 TIME_WAIT 0
TCP 127.0.0.1:2151 127.0.0.1:44080 TIME_WAIT 0
TCP 127.0.0.1:2153 127.0.0.1:44080 TIME_WAIT 0
TCP 127.0.0.1:2160 127.0.0.1:44080 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2129 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2091 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2093 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2135 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2109 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2157 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2115 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2159 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2098 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2103 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2155 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2163 TIME_WAIT 0
TCP 127.0.0.1:44080 127.0.0.1:2105 TIME_WAIT 0
TCP 192.168.254.8:2021 78.86.125.134:80 TIME_WAIT 0
TCP 192.168.254.8:2025 209.85.137.125:443 TIME_WAIT 0
TCP 192.168.254.8:2072 213.199.141.141:80 TIME_WAIT 0
TCP 192.168.254.8:2073 213.199.141.141:80 TIME_WAIT 0
TCP 192.168.254.8:2074 213.199.141.141:80 TIME_WAIT 0
TCP 192.168.254.8:2138 217.26.67.165:80 TIME_WAIT 0
 
Odgovor na temu

valjan
Janko Valencik
Software Deployer
Schneider Electric
Novi Sad

Moderator
Član broj: 158605
Poruke: 3531
*.dynamic.sbb.rs.



+553 Profil

icon Re: Zagusenje interneta i prekid saobracaja - mozda virus?28.03.2009. u 19:58 - pre 184 meseci
Kao sto rekoh, bitni su samo oni zapisi gde je u prvoj koloni TCP, u drugoj tvoja IP adresa (ali da nije ni 0.0.0.0 ni 127.0.0.1), u trecoj neka adresa koja nije nijedna od tvoje tri interne adrese, a u cetvrtoj ESTABLISHED. U ovom tvom izvestaju nema nijedne takve, a najpribliznije su onih sest poslednjih (samo sto status nije ESTABLISHED), i tih sest je u stvari zaostalo od tvog browsera - ti i kad ugasis neku stranicu, browser jos neko vreme odrzava konekciju u slucaju da se predomislis, i ovh sest je upravo to. Ostalo je sve u redu - nekoliko sistemskih servisa, firefox, messenger, defragmenter (mada ne znam sta ce on na mrezi) i Avira.

Sada ne bi bilo lose da uvrebas trenutak kada dodje do tog zagusenja, pa opet uradis ovakav izvestaj bez gasenja icega (znaci u tom trenutku kad primetis usporenje, a ti pokreni ovu komandu), pa javi da li primecujes neku bitnu razliku.
 
Odgovor na temu

msc_bg
Bg

Član broj: 190918
Poruke: 69
*.adsl-3.sezampro.yu.

Sajt: www.OglasiOglasnik.com


Profil

icon Re: Zagusenje interneta i prekid saobracaja - mozda virus?28.03.2009. u 20:53 - pre 184 meseci
ok... hvala ti uradicu i ovo i onaj hjack - kad mi dode do zagusenja pa cu posataviti....
 
Odgovor na temu

[es] :: Zaštita :: Zagusenje interneta i prekid saobracaja - mozda virus?

[ Pregleda: 1854 | Odgovora: 7 ] > FB > Twit

Postavi temu Odgovori

Srodne teme
Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.