Bullguard firewall hacker atak popup


(Masaj) #1

witam,

program bullguard internet-security 12.0. 229 podczas przeglądania wp.pl w ff otwiera okienka sugerujące atak hakera i tak co 5 min. nie ważne co robię okienko wylatuje na pół ekranu.

Screen:

90122045.th.jpg

LOG: http://www.wklejto.pl/130785

Ten "program" chce również zablokować/uznać za szkodliwy proces User Notification Service Intela ciągle zaznacza go jako szkodliwy i uruchamia funkcje terminate proces.

Tak swoją drogą to interfejs projektował chyba niewidomy.

Dane z whois:

inetnum: 194.204.152.0 - 194.204.152.255

netname: TPNET

descr: Commercial IP network of Polish Telecom

country: PL

admin-c: KP21-RIPE

tech-c: TPHT

tech-c: HT2189-RIPE

remarks: rev-srv: dns.tpsa.pl

remarks: rev-srv: dns2.tpsa.pl

remarks: rev-srv: bilbo.nask.org.pl

status: ASSIGNED PA

mnt-by: TPNET

source: RIPE # Filtered

remarks: rev-srv attribute deprecated by RIPE NCC on 02/09/2009


role: TP S.A. Hostmaster

address: TP S.A.

address: ul. Nowogrodzka 47A

address: 00-695 Warszawa

address: Poland

phone: +48 800 120810

fax-no: +48 22 6225182

admin-c: TK569-RIPE

tech-c: TK569-RIPE

tech-c: JS1838-RIPE

nic-hdl: TPHT

mnt-by: TPNET

abuse-mailbox:  

source: RIPE # Filtered


person: Hostmaster TPSA-CST

address: Telekomunikacja Polska S.A.

address: Data Transmission Systems Centre

address: ISP

address: POLAND

remarks: ! - ! - ! - ! - ! - !

remarks: CALL - CENTER

remarks: phone: (+48) 800 120811

remarks: ! - ! - ! - ! - ! - !

phone: +48 800 120810

fax-no: +48 22 6225182

remarks: ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !

remarks: Please send spam and abuse notification only to:

remarks:        

remarks: ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !

nic-hdl: HT2189-RIPE

mnt-by: TPNET

source: RIPE # Filtered


person: Konrad Plich

address: Telekomunikacja Polska S.A.

address: ul. Sienkiewicza 9

address: 97-300 Piotrkow Trybunalski

address: Poland

phone: + 48 44 648 00 30

remarks: ---------------------------------------------

remarks: In case of abuse (intrusion attempts, hacking,

remarks: spamming or other unaccepted behavior) from

remarks: TP S.A. address space, please mail only to:

remarks: abuse-mailbox. Notifications sent to other

remarks: mailboxes will be left without any action.

remarks:

remarks: abuse phone: +48 22 8871788

remarks: ----------------------------------------------

abuse-mailbox:   

nic-hdl: KP21-RIPE

mnt-by: AS5617-MNT

source: RIPE # Filtered


route: 194.204.128.0/18

descr: TPNET

descr: for abuse: 

origin: AS5617

mnt-by: AS5617-MNT

source: RIPE # Filtered

194.204.152.34 DNS Lookup


;; Answer received from 127.0.0.1 (312 bytes)

;;

;; HEADER SECTION

;; id = 55832

;; qr = 1 opcode = QUERY aa = 0 tc = 0 rd = 1

;; ra = 1 ad = 0 cd = 0 rcode = NOERROR

;; qdcount = 1 ancount = 1 nscount = 4 arcount = 7


;; QUESTION SECTION (1 record)

;; 34.152.204.194.in-addr.arpa. IN PTR


;; ANSWER SECTION (1 record)

34.152.204.194.in-addr.arpa. 7200 IN PTR dns2.tpsa.pl.


;; AUTHORITY SECTION (4 records)

152.204.194.in-addr.arpa. 7200 IN NS ns3.tpnet.pl.

152.204.194.in-addr.arpa. 7200 IN NS kirdan.warman.nask.pl.

152.204.194.in-addr.arpa. 7200 IN NS ns2.tpnet.pl.

152.204.194.in-addr.arpa. 7200 IN NS ns1.tpnet.pl.


;; ADDITIONAL SECTION (7 records)

ns3.tpnet.pl. 83232 IN A 80.50.50.200

ns3.tpnet.pl. 83232 IN AAAA 2a01:1700:2:3:0:0:0:32c8

ns2.tpnet.pl. 80616 IN A 80.50.50.150

ns2.tpnet.pl. 80616 IN AAAA 2a01:1700:3:2:0:0:0:3296

ns1.tpnet.pl. 84492 IN A 80.50.50.100

ns1.tpnet.pl. 84492 IN AAAA 2a01:1700:2:1:0:0:0:3264

kirdan.warman.nask.pl. 27445 IN A 195.187.244.8

(krzych5610) #2

Przygotuj prawidłowe raporty OTL - analiza-dezynfekcja-zestaw-narzedzi-nieingerencyjnych-t485632.html


(Masaj) #3

OTL: http://www.wklejto.pl/130991

Extras: http://www.wklejto.pl/130993

Sorry,że tak późno, ale nie miałem internetu (DNS Serwer not response), poza tym problemy z przeinstalowaniem av na inny:BDTS - install components criticall error i cała masa innych rzeczy.

-- Dodane 11.08.2012 (So) 16:13 --

CO SIE TU DZIEJE ?. GDZIE JEST POST Z WCZORAJ ZE SKRYPTEM ??????? !!