[ yeljko @ 04.12.2010. 11:00 ] @
Evo pogledajte sliku, sveke 3 sekunde mi nesto odlazi na internet a nemogu
skontati sta je.
Skenirao sam sa Malwarebyte (nije nasao nista) i ESS busines ver. (nasao 4 elementa, uklonio ih).
Koristim Win7 64bit.
Moze li mi neko pomoci da vidimo sta je u pitanju jer imam probleme sa netom.
Hvala unapred

[ magna86 @ 04.12.2010. 12:49 ] @
Aj mozemo da proverimo....mada lako moze biti da neki program radi upload...sto je i u neku ruku normalno
Preuzmi DDS Program na Desktop
http://download.bleepingcomputer.com/sUBs/dds.com

Dvoklikom pokreni dds,kad zavrsi, DDS ce otvoriti dva loga:
1. DDS.txt
2. Attach.txt
Oba izvestaja sacuvaj na Desktop.
Kopiraj mi DDS.txt
[ yeljko @ 04.12.2010. 13:38 ] @

DDS (Ver_10-11-27.01) - NTFS_AMD64
Run by User at 14:35:44.76 on Sat 12/04/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.4087.2992 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\NetMeter\NetMeter.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\User\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe
uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

================= FIREFOX ===================

FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ywaubfqk.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Extension: Finbu.com: [email protected] - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Extension: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ywaubfqk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

============= SERVICES / DRIVERS ===============

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-5-27 203264]
R2 cpuz134;cpuz134;C:\Windows\System32\drivers\cpuz134_x64.sys [2010-12-1 21480]
R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2010-9-3 170104]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-11-4 810144]
R2 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2010-7-29 50624]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-11-30 363344]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-5-27 6856192]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-5-27 264192]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-11-27 24152]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-11-22 239616]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2010-10-17 145512]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-11-22 1327520]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]

=============== Created Last 30 ================

2010-12-04 11:35:19 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2010-12-04 11:35:16 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{9AF8FD01-DB98-4C21-8804-A28E79559F96}\mpengine.dll
2010-12-04 10:02:54 -------- d-----w- C:\IExp1.tmp
2010-12-04 10:02:50 -------- d-----w- C:\IExp0.tmp
2010-12-04 10:02:49 -------- d--h--w- C:\Windows\msdownld.tmp
2010-12-04 10:02:49 -------- d-----w- C:\Windows\RegisteredPackages
2010-12-04 10:02:46 -------- d-----w- C:\Program Files (x86)\Windows Media Components
2010-12-04 10:01:59 -------- d-----w- C:\Program Files (x86)\Ashampoo
2010-12-03 18:52:19 -------- d-----w- C:\Program Files (x86)\City Interactive
2010-12-01 17:55:10 21480 ----a-w- C:\Windows\System32\drivers\cpuz134_x64.sys
2010-12-01 17:55:10 -------- d-----w- C:\Program Files\CPUID
2010-11-30 23:11:27 -------- d-----w- C:\PROGRA~3\Apache
2010-11-30 23:09:23 -------- d-----w- C:\Users\User\AppData\Local\Apache
2010-11-30 22:57:57 -------- d-----w- C:\Program Files (x86)\Alcohol Soft
2010-11-30 22:55:34 503352 ----a-w- C:\Windows\System32\drivers\sptd.sys
2010-11-30 20:31:12 -------- d-----w- C:\Program Files\NetMeter
2010-11-30 16:55:21 -------- d-----w- C:\Users\User\AppData\Roaming\Foxit Software
2010-11-30 16:55:20 -------- d-----w- C:\Users\User\AppData\Roaming\Foxit
2010-11-30 16:54:50 -------- d-----w- C:\Program Files (x86)\Foxit Software
2010-11-30 16:47:32 -------- d-----w- C:\Windows\System32\appmgmt
2010-11-29 17:36:03 -------- d-----w- C:\Users\User\AppData\Local\Aiseesoft Studio
2010-11-29 17:35:42 -------- d-----w- C:\Users\User\AppData\Roaming\Aiseesoft Total Video Converter
2010-11-29 17:35:42 -------- d-----w- C:\Program Files (x86)\Aiseesoft Studio
2010-11-29 17:08:30 -------- d-----w- C:\Fraps
2010-11-29 15:49:54 -------- d-----w- C:\Users\User\AppData\Local\ElevatedDiagnostics
2010-11-28 20:35:07 -------- d-----w- C:\PROGRA~3\Futuremark
2010-11-28 20:23:45 -------- d-----w- C:\Program Files (x86)\Common Files\Futuremark Shared
2010-11-28 20:22:50 -------- d-----w- C:\Program Files (x86)\Futuremark
2010-11-28 20:22:44 -------- d-----w- C:\Windows\SysWow64\AGEIA
2010-11-28 20:22:31 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-11-28 16:10:38 -------- d-----w- C:\Users\User\AppData\Roaming\GlarySoft
2010-11-28 16:09:15 -------- d-----w- C:\Program Files (x86)\Glary Utilities
2010-11-28 14:25:44 -------- d-----w- C:\Program Files (x86)\GRETECH
2010-11-27 23:26:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-11-27 23:26:06 472808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2010-11-27 23:03:16 -------- d-----r- C:\Sandbox
2010-11-27 23:02:17 -------- d-----w- C:\Program Files\Sandboxie
2010-11-27 22:48:23 -------- d-----w- C:\Users\User\AppData\Roaming\Malwarebytes
2010-11-27 22:48:14 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-11-27 22:48:14 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-27 22:48:14 -------- d-----w- C:\PROGRA~3\Malwarebytes
2010-11-27 22:48:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-11-27 21:48:29 -------- d-----r- C:\Program Files (x86)\Skype
2010-11-27 21:01:01 -------- d-----w- C:\Users\User\AppData\Local\Adobe
2010-11-27 20:52:18 -------- d-----w- C:\Users\User\AppData\Roaming\NetMeter
2010-11-27 20:46:45 16856 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
2010-11-27 20:46:44 719832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozcpp19.dll
2010-11-27 20:41:25 -------- d-----w- C:\Users\User\AppData\Roaming\ESET
2010-11-27 20:41:25 -------- d-----w- C:\Users\User\AppData\Local\ESET
2010-11-27 20:40:45 -------- d-----w- C:\Program Files\ESET
2010-11-26 19:56:09 -------- d-----w- C:\Users\User\AppData\Local\Activision
2010-11-26 19:51:59 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2010-11-26 19:46:31 -------- d-----w- C:\Program Files (x86)\Activision
2010-11-23 03:58:07 -------- d-----w- C:\Windows\Panther
2010-11-22 12:50:00 -------- d-----w- C:\Users\User\AppData\Local\Mozilla
2010-11-22 12:47:27 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-11-22 12:46:50 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2010-11-22 12:45:19 -------- d-----w- C:\Users\User\AppData\Roaming\BSplayer Pro
2010-11-22 12:45:19 -------- d-----w- C:\Users\User\AppData\Roaming\BSplayer
2010-11-22 12:45:19 -------- d-----w- C:\Program Files (x86)\Webteh
2010-11-22 12:43:58 -------- d-----w- C:\PROGRA~3\Nero
2010-11-22 12:43:25 -------- d-----w- C:\Program Files (x86)\Nero
2010-11-22 12:42:55 165376 ----a-w- C:\Windows\SysWow64\unrar.dll
2010-11-22 12:42:54 790528 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2010-11-22 12:42:54 232448 ----a-w- C:\Windows\SysWow64\mp3fhg.acm
2010-11-22 12:42:54 217088 ----a-w- C:\Windows\SysWow64\yv12vfw.dll
2010-11-22 12:42:54 151552 ----a-w- C:\Windows\SysWow64\ac3acm.acm
2010-11-22 12:42:54 134144 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
2010-11-22 12:42:54 108032 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2010-11-22 12:42:52 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2010-11-22 12:41:22 -------- d-----w- C:\Users\User\AppData\Local\Google
2010-11-22 12:36:21 -------- d-----w- C:\Windows\PCHEALTH
2010-11-22 12:34:55 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-11-22 12:34:33 -------- d-----w- C:\Users\User\AppData\Local\Microsoft Help
2010-11-22 12:29:39 -------- d-----w- C:\Users\User\AppData\Local\ATI
2010-11-22 12:29:12 0 ----a-w- C:\Windows\ativpsrm.bin
2010-11-22 12:26:16 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2010-11-22 12:25:25 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2010-11-22 12:25:19 125456 ----a-w- C:\Windows\System32\drivers\AtiHdmi.sys
2010-11-22 12:25:10 55296 ----a-w- C:\Windows\System32\coinst.dll
2010-11-22 12:25:10 446464 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2010-11-22 12:24:53 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2010-11-22 12:23:48 -------- d-----w- C:\Program Files\ATI Technologies
2010-11-22 12:23:47 -------- d-----w- C:\Program Files\ATI
2010-11-22 12:17:00 97792 ----a-w- C:\Windows\System32\RTNUninst64.dll
2010-11-22 12:17:00 67584 ----a-w- C:\Windows\System32\RtNicProp64.dll
2010-11-22 12:15:43 -------- d-sh--w- C:\Windows\Installer
2010-11-22 12:15:29 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2010-11-22 12:15:20 -------- d-----w- C:\Intel

==================== Find3M ====================


============= FINISH: 14:36:06.11 ===============
[ magna86 @ 04.12.2010. 14:45 ] @
Ovo deluje Ok.

Prezumi TFC program...pokreni ga...restart...
http://www.geekstogo.com/forum...temp-file-cleaner-by-oldtimer/

Citat:
neki program radi upload...sto je i u neku ruku normalno
[ yeljko @ 04.12.2010. 15:08 ] @
Uradio sam kako si rekao i opet je isto.
Kako doci do programa koji ovo radi i iskljuciti ga?
[ yeljko @ 15.12.2010. 16:42 ] @
Pronasao sam uzrok,
Windows Media Center i njegov update.
Problem sa internetom nije bio uzrok ovoga.
Nek se zna :)