
Being redirected from the site I want to an unknown one


dimnicar

Being redirected from the site I want to an unknown one, 09.05.2010 at 21:04
I have a problem.
I type in the site I want, and I end up on one I don't want.
For example, this one is bothering me
(bigseekpro.com/search/dns/hypercam/{BC7A1A39-5958-73A8-3591-19D42B43AA1D}?q)
It's annoying, and I can't connect to the one I want...
What is the problem? Has someone hacked me, or what?
 

magna86
Anti Malware Fighter


Re: Being redirected from the site I want to an unknown one, 09.05.2010 at 22:29
You probably have some malware that is redirecting you to another site.

Do the following:

--> Download Malwarebytes' Anti-Malware
Double-click to start the installation. At the very start, check that these options are ticked:

Update Malwarebytes' Anti-Malware
Launch Malwarebytes Anti-Malware


Then click Finish.

Select the Perform Quick Scan option and click Scan.
When the process finishes, click OK, then Show Results:
in the list of detected malware, check that all items are selected and click Remove Selected.

When the cleaning is done, attach the MBAM log to the forum.



-->
Download the DDS program to the Desktop
http://download.bleepingcomputer.com/sUBs/dds.com

Double-click to run dds.scr

When it finishes, DDS will open two logs:
1. DDS.txt
2. Attach.txt

Save both reports to the Desktop.
Copy DDS.txt here for me.

 

dimnicar

Re: Being redirected from the site I want to an unknown one, 11.05.2010 at 17:17
Hmmmm
Even before I got a reply, I somehow eliminated it with KIS, and I have now checked it with the malware tools.
They are powerful...
Thanks, and here is the log

Scan type: Quick scan
Objects scanned: 141596
Time elapsed: 24 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 

magna86
Anti Malware Fighter

Član broj: 189287
Poruke: 557

Sajt: www.mycity.rs/Ambulanta


+16 Profil

Re: Being redirected from the site I want to an unknown one, 11.05.2010 at 18:34
Looks fine...

Go ahead and run DDS as well, so we can wrap this up.
 

dimnicar

Re: Being redirected from the site I want to an unknown one, 13.05.2010 at 11:54
Here, I have run DDS as well. It really lists everything in exhaustive detail. I don't know where its attach option is, so I am just copying dds.txt.
If it's not a problem, teach me which of this information is important to read, and why the DOS window in which DDS ran was very small and the letters barely visible.
I am learning a bit of programming in Pascal, and after installing Delphi I have the same problem: an extremely small DOS window and very tiny letters. Everything else works and gives correct results, but very tiny ones....
Thanks and regards


DDS (Ver_10-03-17.01) - NTFSx86
Run by Deki at 12:36:47,79 on źet 13.05.2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.2047.948 [GMT 2:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Embarcadero\RAD Studio\7.0\bin\BSQLServer.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~1\UpsPilot\monitor.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\Program Files\UpsPilot\jre\bin\javaw.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRA~1\UpsPilot\wpRMI.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\UpsPilot\jre\bin\javaw.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\UpsPilot\Winpower.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\UpsPilot\jre\bin\javaw.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\Free Pack\PSU\PSU.EXE
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\system32\taskeng.exe
C:\Users\Deki\Desktop\dds.com
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\hypercam toolbar\tbhelper.dll
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagItBHO.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: GOM Player + Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
BHO: BandooIEPlugin Class: {eb5cee80-030a-4ed8-8e20-454e9c68380f} - c:\program files\bandoo\plugins\ie\ieplugin.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\hypercam toolbar\tbcore3.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagItIEAddin.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: HyperCam Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\hypercam toolbar\tbcore3.dll
TB: GOM Player + Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [Sony Ericsson PC Suite] "c:\program files\sony ericsson\sony ericsson pc suite\SEPCSuite.exe" /systray /nologon
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\axcmd.exe" /automount
uRun: [Google Update] "c:\users\deki\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [Winpower] c:\program files\upspilot\Winpower.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SYSTRAY_UPDATE] c:\windows\temp\systray.exe
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\users\deki\appdata\roaming\micros~1\windows\startm~1\programs\startup\poweri~1.lnk - c:\program files\free pack\psu\PSU.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\checkf~1.lnk - c:\program files\common files\pctv systems\webupdater\WebUpdater.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\microt~1.lnk - c:\program files\microtek\scanwizard 5\ScannerFinder.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\server~1.lnk - c:\program files\technisat dvb\bin\Server4PC.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2010\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll c:\progra~1\kasper~1\kasper~1\kloehk.dll c:\progra~1\bandoo\bndhook.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SecurityProviders: credssp.dll, snapapi32.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\deki\appdata\roaming\mozilla\firefox\profiles\hnf1wk4e.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - FootieFox
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bigseekpro.com/search/toolbar/hypercam/{BC7A1A39-5958-73A8-3591-19D42B43AA1D}?q=
FF - component: c:\program files\mozilla firefox\extensions\[email protected]\components\KavLinkFilter.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\deki\appdata\roaming\mozilla\firefox\profiles\hnf1wk4e.default\extensions\[email protected]\components\DTToolbarFF.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\deki\appdata\local\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2009-9-14 21520]
R2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe [2009-10-20 340456]
R2 BlackfishSQL;BlackfishSQL;c:\program files\embarcadero\rad studio\7.0\bin\BSQLServer.exe [2009-11-19 65536]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2009-10-26 5120]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 19472]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-5-11 20952]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB32.sys [2009-6-10 1311232]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2009-10-26 27632]
R3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\drivers\SkyNET.sys [2010-1-25 507408]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 FLASHSYS;FLASHSYS;c:\program files\msi\live update 4\lu4\FlashSys.sys [2009-10-26 9216]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-10-26 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-10-26 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-10-26 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-10-26 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-10-26 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-10-26 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-10-26 115752]
S4 Wuauecrdsims;Wuauecrdsims;c:\windows\system32\drivers\cmdide.sys [2009-7-14 15952]

=============== Created Last 30 ================

2010-05-12 08:17:19 740864 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-11 15:25:13 0 d-----w- c:\windows\VirtualDub with Extras
2010-05-11 15:25:12 0 d-----w- c:\program files\VirtualDub with Extras
2010-05-11 12:47:01 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-11 12:46:58 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-11 12:46:58 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-09 11:30:57 48064 ----a-w- c:\windows\TL16V20.DLL
2010-05-09 11:30:57 27632 ----a-w- c:\windows\system\CTL3DV2.DLL
2010-05-09 11:30:57 220672 ----a-w- c:\windows\system\BC450RTL.DLL
2010-05-09 11:30:43 0 d-----w- C:\MATHPERT
2010-05-09 11:30:14 26768 ----a-w- c:\windows\system\CTL3D.DLL
2010-05-09 11:30:12 247648 ----a-w- c:\windows\UNINST16.EXE
2010-05-08 20:11:31 1292288 ----a-w- c:\windows\system32\Rave77VCL140.bpl
2010-05-08 20:08:25 0 dc-h--w- c:\programdata\{2563F97A-045F-4E4C-9DB1-D5D26C269882}
2010-05-08 19:56:19 0 d-----w- c:\users\deki\appdata\roaming\Embarcadero
2010-05-08 19:56:19 0 d-----w- c:\program files\Embarcadero
2010-05-08 19:56:19 0 d-----w- c:\program files\common files\CodeGear Shared
2010-05-08 19:55:47 0 d-----w- c:\program files\common files\Borland Shared
2010-05-08 19:31:55 0 d--h--w- c:\programdata\{2D559015-4C05-4AE5-8C8B-7E13E1EAB09D}
2010-05-07 17:37:58 0 d-----w- c:\program files\common files\xing shared
2010-05-04 22:15:12 0 d-----w- c:\program files\Ask.com
2010-04-29 23:06:25 0 d-----w- c:\program files\GRETECH
2010-04-28 09:50:55 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-04-28 09:50:55 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-28 09:50:50 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-04-27 13:22:16 0 d-----w- c:\program files\Gigatron Konfigurator
2010-04-26 22:04:42 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2010-04-24 18:01:56 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-22 20:08:02 196608 ----a-w- c:\windows\system32\dllgraphiceffect.dll
2010-04-22 20:08:01 119568 ----a-w- c:\windows\system32\VB6ES.dll
2010-04-22 20:08:01 0 d-----w- C:\CoView
2010-04-21 13:02:22 0 d-----w- C:\Delphi 2009My projecrs
2010-04-21 12:59:32 0 dc-h--w- c:\programdata\~0
2010-04-21 12:52:08 0 d--h--w- c:\programdata\~1
2010-04-20 16:14:29 10882 ----a-w- C:\Misa stan.docx
2010-04-19 22:42:03 37 ----a-w- c:\windows\markosoft.ini
2010-04-19 22:41:13 0 d-----w- c:\program files\Markosoft
2010-04-19 22:40:18 0 d-----w- c:\windows\Downloaded Installations
2010-04-19 21:24:31 0 d-----w- c:\programdata\Real
2010-04-14 12:02:18 38 ----a-w- c:\windows\AviSplitter.INI
2010-04-14 08:58:48 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-14 08:58:48 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-14 08:58:47 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-04-14 08:58:28 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-14 08:58:28 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-14 08:58:28 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-14 08:57:43 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-14 08:57:06 132608 ----a-w- c:\windows\system32\cabview.dll

==================== Find3M ====================

2010-05-07 17:36:12 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-05-07 17:36:12 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-06 08:36:38 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-05 10:02:27 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-05-05 10:02:27 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-03-08 17:59:18 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-02-23 07:56:00 977920 ----a-w- c:\windows\system32\wininet.dll
2010-02-22 00:05:12 404319 ----a-w- c:\windows\zakrpa.exe
2010-02-19 19:27:36 720384 ----a-w- c:\windows\system32\DivX.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2010-02-19 19:27:16 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2010-02-19 19:27:16 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2010-02-19 19:27:16 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-10-26 12:14:39 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 12:40:03,27 ===============
 

magna86
Anti Malware Fighter


Re: Being redirected from the site I want to an unknown one, 13.05.2010 at 14:12
Quote:
Here, I have run DDS as well. It really lists everything in exhaustive detail. I don't know where its attach option is, so I am just copying dds.txt.


I only need the DDS.txt log. I don't need the other one.

Quote:
why the DOS window in which DDS ran was very small and the letters barely visible.
I am learning a bit of programming in Pascal, and after installing Delphi I have the same problem: an extremely small DOS window and very tiny letters. Everything else works and gives correct results, but very tiny ones....


I really couldn't tell you why that is. What do you mean by a small window? What monitor do you have?
If you want, run DDS again, take a screenshot and post the picture here so we can see the small window.

Quote:
If it's not a problem, teach me which of this information is important to read,

DDS is a diagnostic program written by malware hunter & expert sUBs (the creator of Combofix).
It shows system processes, certain registry entries and drivers, lists files according to some algorithm of its own... etc...
Believe me, it's not that easy.


--> As for the log and the system, the log looks clean. There are no traces of malware. This is a clean PC.
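
Added example, not part of the original thread or of DDS itself: a short Python script that splits a DDS.txt log like the one posted above into its sections and lists the entries tied to this thread's symptom (text typed into the address bar ending up at another site). The sample lines are copied from that log; the function names, rule names and choice of checks are this example's own assumptions, and a listed entry is a prompt for manual review, not a verdict.

```python
import re

# Excerpt of the DDS.txt posted earlier in this thread (lines copied verbatim).
SAMPLE_LOG = r"""
============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com
uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\hypercam toolbar\tbhelper.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
TB: HyperCam Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\hypercam toolbar\tbcore3.dll
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe"
mRun: [SYSTRAY_UPDATE] c:\windows\temp\systray.exe

================= FIREFOX ===================

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bigseekpro.com/search/toolbar/hypercam/{BC7A1A39-5958-73A8-3591-19D42B43AA1D}?q=
"""

SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
# DDS writes URLs defanged as hxxp://; accept the normal scheme as well.
HOST_RE = re.compile(r"h(?:xx|tt)ps?://([^/\s]+)", re.IGNORECASE)


def parse_dds(text):
    """Split a DDS.txt log into {section name: [entry lines]}."""
    sections, current = {}, "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections.setdefault(current, [])
            continue
        sections.setdefault(current, []).append(line)
    return sections


def host_matches(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    domain = domain.lower()
    return host == domain or host.endswith("." + domain)


def triage(text, unwanted_domains=()):
    """Return (reason, line) pairs for entries worth a manual look."""
    findings = []
    for lines in parse_dds(text).values():
        for line in lines:
            low = line.lower()
            found = HOST_RE.search(line)
            host = found.group(1).lower() if found else None
            # 1. A setting whose URL points at the site the user keeps landing on.
            if host and any(host_matches(host, d) for d in unwanted_domains):
                findings.append(("references unwanted domain", line))
            # 2. Components that decide where non-URL address-bar text is sent.
            if low.startswith(("uurlsearchhooks:", "murlsearchhooks:")) or "keyword.url" in low:
                findings.append(("address-bar search handler", line))
            # 3. IE add-on still registered although its DLL is gone.
            if low.startswith(("bho:", "tb:")) and low.endswith("- no file"):
                findings.append(("add-on registered without a file", line))
            # 4. Program started at logon from a temp directory.
            if low.startswith(("urun:", "mrun:", "startupfolder:")) and "\\temp\\" in low:
                findings.append(("autostart from a temp directory", line))
    return findings


if __name__ == "__main__":
    for reason, line in triage(SAMPLE_LOG, unwanted_domains=["bigseekpro.com"]):
        print(f"[{reason}] {line}")
```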
 

dimnicar

Re: Being redirected from the site I want to an unknown one, 13.05.2010 at 17:53
dds.txt really is extensive; they made it well and in detail.
I would also say my PC is clean; the problem lasted only about 10 hours....
(somewhere in KIS I marked bigseeker as an unwanted site and KIS blocked it).
As for the small command prompt, a friend just helped me sort it out.
I right-clicked on the title bar of the command prompt, chose Defaults, and there set the font to Lucida Console and size 20, OK, and the problem was solved.
I don't know how Win7 messed things up with the BenQ 22", but the problem is solved.
Thanks to you too...
I will need more help later
Regards
 