Naravno da ima. Postavi prvo HijackThis log. Verujem da tebi ne treba da pisem nikakva upustva.

Evo ga HJT log, iz njega ništa nije moglo da se sredi postavljao sam ga već i na drugim forumima, na sajtovima... Ali da ne bude da ne mogu barem to da uradim. Uskoro stiže i ovaj drugi log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:04:49, on 9.4.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\AIMP2\AIMP2.exe
C:\Program Files\Digsby\lib\digsby-app.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.rs/
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Digsby.lnk = C:\Program Files\Digsby\digsby.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 6214 bytes

Loše vesti, nije se restartovao komp kada je završio ComboFix, tako da pitanje da li ćeš videti nešto zanimljivo. Mnogo ti hvala što se mučiš :)
Sad sam malo pogledao, čisto da znaš nemam ni AVG ni AdAware nego su samo ostali folderi. Sad sam radio Repair pa je zato SP2 i IE6, čisto da znaš, ali ni to nije vredelo, nema potrebe sada to da učitavam kad pitanje koliko će stajati.

ComboFix 09-04-04.01 - Stefan 2009-04-09 19:16:41.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1506 [GMT 2:00]
Running from: c:\documents and settings\Stefan\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090409-0] *On-access scanning disabled* (Updated)
FW: PC Tools Firewall Plus *disabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\pthreadGC2.dll
c:\windows\system32\tmp67.tmp
c:\windows\system32\tmp68.tmp
c:\windows\system32\tmp98.tmp
c:\windows\system32\tmp99.tmp

.
((((((((((((((((((((((((( Files Created from 2009-03-09 to 2009-04-09 )))))))))))))))))))))))))))))))
.

2009-04-09 15:47 . 2009-04-09 15:47 <DIR> d-------- C:\Lyrics
2009-04-09 15:26 . 2004-08-04 03:07 13,463,552 --a--c--- c:\windows\system32\dllcache\hwxjpn.dll
2009-04-09 15:25 . 2004-05-13 00:39 876,653 --a--c--- c:\windows\system32\dllcache\fp4awel.dll
2009-04-09 15:24 . 2004-08-04 03:07 16,384 --a--c--- c:\windows\system32\dllcache\isignup.exe
2009-04-09 15:24 . 2009-04-09 15:24 749 -rah----- c:\windows\WindowsShell.Manifest
2009-04-09 15:24 . 2009-04-09 15:24 749 -rah----- c:\windows\system32\wuaucpl.cpl.manifest
2009-04-09 15:24 . 2009-04-09 15:24 749 -rah----- c:\windows\system32\sapi.cpl.manifest
2009-04-09 15:24 . 2009-04-09 15:24 749 -rah----- c:\windows\system32\nwc.cpl.manifest
2009-04-09 15:24 . 2009-04-09 15:24 749 -rah----- c:\windows\system32\ncpa.cpl.manifest
2009-04-09 15:24 . 2009-04-09 15:24 488 -rah----- c:\windows\system32\logonui.exe.manifest
2009-04-05 15:36 . 2009-04-05 15:36 <DIR> d-------- c:\program files\Alwil Software
2009-04-03 19:11 . 2009-03-26 16:49 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-03 19:10 . 2009-04-05 15:30 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-03 19:10 . 2009-03-26 16:49 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-03 15:47 . 2009-04-05 15:31 17,372 --a------ c:\windows\setupapi.old
2009-04-01 14:34 . 2009-04-01 14:34 231,176 --a------ c:\windows\system32\PDBoot.exe
2009-04-01 11:14 . 2009-04-01 11:14 <DIR> d-------- c:\documents and settings\Aleksandra\Application Data\Shareaza
2009-03-31 20:20 . 2009-03-31 20:20 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-03-28 00:39 . 2009-03-09 16:27 4,178,264 --a------ c:\windows\system32\D3DX9_41.dll
2009-03-28 00:39 . 2009-03-09 16:27 1,846,632 --a------ c:\windows\system32\D3DCompiler_41.dll
2009-03-28 00:39 . 2009-03-16 15:18 517,448 --a------ c:\windows\system32\XAudio2_4.dll
2009-03-28 00:39 . 2009-03-09 16:27 453,456 --a------ c:\windows\system32\d3dx10_41.dll
2009-03-28 00:39 . 2009-03-16 15:18 235,352 --a------ c:\windows\system32\xactengine3_4.dll
2009-03-28 00:39 . 2009-03-16 15:18 69,448 --a------ c:\windows\system32\XAPOFX1_3.dll
2009-03-28 00:39 . 2009-03-16 15:18 22,360 --a------ c:\windows\system32\X3DAudio1_6.dll
2009-03-28 00:34 . 2009-03-28 00:35 <DIR> d-------- c:\program files\K-Lite Codec Pack
2009-03-25 17:13 . 2009-03-25 17:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-03-24 21:09 . 2009-03-24 21:09 <DIR> d-------- c:\program files\ConvertHelper
2009-03-24 14:14 . 2009-04-09 11:02 <DIR> d-------- c:\documents and settings\Aleksandra\Application Data\MiniLyrics
2009-03-24 14:14 . 2009-04-09 10:57 <DIR> d-------- c:\documents and settings\Aleksandra\Application Data\AIMP
2009-03-23 14:53 . 2009-03-24 16:44 <DIR> d-------- c:\program files\The KMPlayer
2009-03-23 01:04 . 2009-03-23 01:04 <DIR> d--hs---- c:\windows\system32\config\systemprofile\IETldCache
2009-03-23 00:50 . 2009-03-23 14:47 <DIR> d-------- c:\program files\Lavasoft
2009-03-23 00:50 . 2009-03-23 14:47 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-22 16:31 . 2009-03-22 16:31 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{DE032019-B933-4DF4-9174-48C52613DA13}
2009-03-22 14:28 . 2009-03-22 14:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\Stardock
2009-03-22 14:27 . 2009-03-22 14:27 <DIR> d--hs---- c:\documents and settings\Aleksandra\IETldCache
2009-03-22 03:40 . 2009-03-22 03:40 249 --a------ C:\Debug.err
2009-03-21 17:55 . 2009-03-21 17:55 <DIR> d-------- c:\program files\Shareaza
2009-03-21 17:55 . 2009-03-21 17:55 <DIR> d-------- c:\documents and settings\Stefan\Application Data\Shareaza
2009-03-20 20:18 . 2009-03-20 20:18 <DIR> d--hs---- c:\documents and settings\Stefan\IECompatCache
2009-03-20 20:16 . 2009-03-20 20:16 <DIR> d--hs---- c:\documents and settings\Stefan\PrivacIE
2009-03-20 20:14 . 2009-03-20 20:14 <DIR> d--hs---- c:\documents and settings\LocalService\IETldCache
2009-03-20 20:12 . 2009-03-20 20:12 <DIR> d--hs---- c:\documents and settings\Stefan\IETldCache
2009-03-20 20:08 . 2009-03-20 20:08 <DIR> d-------- c:\windows\ie8updates
2009-03-20 20:06 . 2009-03-20 20:07 <DIR> d--h-c--- c:\windows\ie8
2009-03-20 01:05 . 2009-03-20 01:05 <DIR> d-------- c:\documents and settings\Stefan\Application Data\JonDo
2009-03-19 16:56 . 2009-03-19 16:56 <DIR> d-------- c:\documents and settings\Aleksandra\Application Data\Genie-soft
2009-03-19 13:54 . 2009-04-08 17:05 540 --a------ c:\windows\system32\PDBootState
2009-03-19 13:36 . 2009-03-19 13:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\Genie-Soft
2009-03-19 13:34 . 2009-03-19 13:34 <DIR> d-------- c:\documents and settings\Stefan\Application Data\Genie-soft
2009-03-19 13:02 . 2009-03-19 13:02 <DIR> d-------- c:\program files\Genie-Soft
2009-03-19 13:02 . 2006-11-02 01:50 128,104 --a------ c:\windows\system32\drivers\WimFltr.sys
2009-03-19 13:02 . 2007-10-29 01:00 120,304 --a------ c:\windows\system32\pxcpyi64.exe
2009-03-19 13:02 . 2007-12-20 14:54 118,256 --a------ c:\windows\system32\pxinsi64.exe
2009-03-15 13:29 . 2009-03-15 13:32 <DIR> d-------- c:\documents and settings\Stefan\Application Data\GetRightToGo
2009-03-14 16:59 . 2009-03-14 16:59 <DIR> d-------- c:\program files\Common Files\Adobe
2009-03-09 14:55 . 2009-03-09 14:55 <DIR> d-------- c:\windows\Sun

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-09 17:13 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-09 16:17 --------- d-----w c:\documents and settings\Stefan\Application Data\AIMP
2009-04-08 22:15 --------- d-----w c:\program files\Minilyrics
2009-04-05 17:39 --------- d-----w c:\program files\SpywareBlaster
2009-04-05 17:36 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-05 17:36 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-05 13:40 --------- d-----w c:\program files\Digsby
2009-04-03 08:34 --------- d-----w c:\documents and settings\Stefan\Application Data\gtk-2.0
2009-04-02 18:56 --------- d-----w c:\program files\BFG
2009-03-27 22:36 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-03-27 06:14 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2009-03-25 15:15 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-22 14:31 --------- d-----w c:\program files\Stardock
2009-03-20 17:49 --------- d-----w c:\program files\FastStone Image Viewer
2009-03-18 10:20 --------- d-----w c:\program files\PC Tools Firewall Plus
2009-03-15 12:38 --------- d-----w c:\program files\Common Files\Acronis
2009-03-15 12:37 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-15 11:42 --------- d-----w c:\program files\Weather Watcher
2009-03-13 12:40 130,424 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-03-10 18:57 --------- d-----w c:\program files\Winamp
2009-03-04 01:01 --------- d-----w c:\documents and settings\Stefan\Application Data\Samsung
2009-03-02 17:10 --------- d-----w c:\documents and settings\Aleksandra\Application Data\LimeWire
2009-03-01 15:38 --------- d-----w c:\documents and settings\All Users\Application Data\SugarGames
2009-02-28 23:23 --------- d-----w c:\documents and settings\Aleksandra\Application Data\FastStone
2009-02-27 23:59 --------- d-----w c:\documents and settings\All Users\Application Data\Raxco
2009-02-27 23:56 --------- d-----w c:\program files\Raxco
2009-02-27 22:26 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2009-02-26 14:52 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-26 11:16 121,856 ----a-w c:\windows\system32\drivers\Rtenicxp.sys
2009-02-24 23:26 2,255,360 ----a-w c:\windows\system32\x264vfw.dll
2009-02-23 22:02 --------- d-----w c:\program files\Common Files\ACD Systems
2009-02-23 20:23 --------- d-----w c:\documents and settings\Stefan\Application Data\FastStone
2009-02-22 14:59 --------- d-----w c:\documents and settings\Aleksandra\Application Data\Winamp
2009-02-21 11:04 --------- d-----w c:\program files\Smarty Uninstaller Pro
2009-02-20 23:00 --------- d-----w c:\program files\AVG
2009-02-20 14:46 40,072 ----a-w c:\windows\system32\drivers\maplom.sys
2009-02-20 11:13 --------- d-----w c:\documents and settings\Stefan\Application Data\MiniLyrics
2009-02-19 18:29 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-19 08:44 41,608 ----a-w c:\windows\system32\drivers\maploml.sys
2009-02-17 20:18 --------- d-----w c:\documents and settings\All Users\Application Data\Norton
2009-02-16 12:21 --------- d-----w c:\program files\GIMP-2.0
2009-02-15 16:51 --------- d-----w c:\documents and settings\All Users\Application Data\NortonInstaller
2009-02-14 21:05 --------- d-----w c:\documents and settings\Stefan\Application Data\OpenOffice.org
2009-02-14 21:04 --------- d-----w c:\program files\OpenOffice.org 3
2009-02-14 21:04 --------- d-----w c:\program files\JRE
2009-02-14 21:04 --------- d-----w c:\program files\Java
2009-02-14 21:03 --------- d-----w c:\program files\Common Files\Java
2009-02-14 11:07 --------- d-----w c:\program files\Common Files\L&H
2009-02-14 11:06 --------- d-----w c:\program files\Microsoft Works
2009-02-14 11:04 --------- d-----w c:\program files\Microsoft ActiveSync
2009-02-14 11:03 --------- d-----w c:\program files\Microsoft.NET
2009-02-13 13:56 --------- d-----w c:\documents and settings\Stefan\Application Data\DAEMON Tools Pro
2009-02-11 13:09 --------- d-----w c:\program files\Uniblue
2009-02-11 13:09 --------- d-----w c:\documents and settings\Stefan\Application Data\Uniblue
2009-02-09 18:56 67,584 ----a-w c:\windows\system32\ff_vfw.dll
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-01-16 17:22 685,056 ----a-w c:\windows\is-DT9P8.exe
2009-01-16 13:45 73,728 ----a-w c:\windows\system32\RtNicProp32.dll
2008-12-29 13:35 22,328 ----a-w c:\documents and settings\Stefan\Application Data\PnkBstrK.sys
2002-07-01 14:13 224 --sha-w c:\documents and settings\Stefan\Application Data\maildriver32.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CursorFX"="c:\program files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 416768]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-24 2652056]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-28 148888]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-03-26 401040]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"nwiz"="nwiz.exe" [2009-03-27 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 c:\windows\RTHDCPL.exe]
"Logitech Utility"="Logi_MwX.Exe" [2002-11-08 c:\windows\LOGI_MWX.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-12-12 9555968]

c:\documents and settings\Stefan\Start Menu\Programs\Startup\
Digsby.lnk - c:\program files\Digsby\digsby.exe [2008-10-11 137728]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Launchy.lnk - c:\program files\Launchy\Launchy.exe [2008-12-15 286720]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-12-28 21:43 210168 c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.i263"= i263_32.drv
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"d:\\Igrice\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\Igrice\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\Igrice\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-04-05 114768]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-02-04 159600]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-04-05 20560]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-04-03 179856]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2009-02-04 73840]
R3 MaplomL;MaplomL;c:\windows\system32\drivers\maploml.sys [2009-01-21 41608]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-04-03 15504]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2009-02-04 95640]
.
Contents of the 'Scheduled Tasks' folder

2009-04-09 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2007-10-22 11:13]

2009-02-11 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2007-10-22 11:13]

2009-04-09 c:\windows\Tasks\User_Feed_Synchronization-{EE4DA373-E89C-42D3-9C95-C692003D3AAD}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 05:31]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.rs/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Stefan\Application Data\Mozilla\firefox\profiles\hh2dt9a0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs
FF - component: c:\documents and settings\Stefan\Application Data\Mozilla\Firefox\Profiles\hh2dt9a0.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: c:\documents and settings\Stefan\Application Data\Mozilla\Firefox\Profiles\hh2dt9a0.default\extensions\[email protected]\components\coolirisstub.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-09 19:17:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-350281380-233495102-1455855570-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-350281380-233495102-1455855570-1003\Software\SecuROM\License information*]
"datasecu"=hex:c4,b5,6b,3d,a9,3b,2f,54,4e,85,d0,34,82,36,4a,9d,e0,e2,4e,8a,de,
4f,c5,38,1d,82,2f,73,cf,82,af,ce,e5,24,6d,cf,3b,7f,c3,62,43,34,5d,5a,ca,46,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1012)
c:\program files\Stardock\Object Desktop\WindowBlinds\WBSrv.dll
.
Completion time: 2009-04-09 19:19:25
ComboFix-quarantined-files.txt 2009-04-09 17:19:23

Pre-Run: 30.894.190.592 bytes free
Post-Run: 30,904,688,640 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=alwaysoff /fastdetect

Current=4 Default=4 Failed=0 LastKnownGood=1 Sets=1,2,3,4
259 --- E O F --- 2009-03-11 15:27:45

Kakvo je stanje sada?

Isto. On je samo obrisao neke temp fajlove i to je to, nije čak tražio ni restart za uklanjanje, tako da su to bile neke verovatno uobičajene stvari.
Možda će ti ovo nešto značiti, kad pokrenem Daemon Tools Lite najnovija verzija, izbaci mi ovo obaveštenje (na srpskom mi je DT, pa zato možda nekako čudno piše):

Vidim sta je obrisano. Za takve stvari i ne trazi restart. Ovde nema vidljivih tragova malware-a. Ne znam sta bi moglo biti resenje tvojim problemima - mozda formatiranje umesto reinstalacije...

Pozdrav

Trenutno ili u poslednje vreme? Ne razumem se u ovo. Izmenio sam onaj poslednji odgovor, pa pogledaj.
Da li je moguće da su me zajebali programi za čišćenje registra?!

Mogu samo da nagadjam. Po ComboFix-u, ne vide se tragovi/ostaci/delovi malware-a. Svi procesi su na mestu i regularni. Mozda problem zadaje neki program za promenu izgleda Windows-a, ubrzavanje, ciscenje i sl.

Jel ovo i dalje aktuelan problem:
http://www.elitesecurity.org/t...ske-kada-pokrenem-video-player

Stvarno mi je zao, ali ne mogu da ti pomognem. Ako neko ima ideju, neka ovde ostavi komentar (vezan za zastitu), a sve ostale predloge i komentare, postavite u gore pomenuti link.

Nažalost je aktuelno, samo sam danas otkrio i to za Daemon Tools. To je prelilo čašu, što je najgore ispade da sada zbog toga ne mogu ni da instaliram jednu strategiju! Ovom zajebavanju je došao kraj! Sutra je petak dolazim u 1 kući i imam celo popodne za ponovno instaliranje Win-a. Neće mene jebati neki bag mesecima! Što je najgore kad sam sve to otkrio koliko znam nisam ni dodavao nikakav program, nego onako odjednom izbili ti problemi.
Hvala što si se potrudio :)

Nema na cemu, zao mi je sto nismo uspeli da sredimo problem.