I tried everything but with no success..I tried scaning with avast some other anti-malware programs but no help , they cant find it..Im desperate!
Here is DDS log:
DDS (Ver_09-12-01.01) - NTFSx86
Run by Milos Radovic at 19:40:41.32 on Tue 12/22/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2517 [GMT 1:00]
AV: avast! antivirus 4.8.1368 [VPS 091220-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Milos Radovic\My Documents\Downloads\dds.scr
============== Pseudo HJT Report ===============
mWinlogon: Taskman=d:\recycler\s-1-5-21-0086104417-9301490715-349306869-8625\nissan.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
mRun: [StartCCC] "d:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "d:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - d:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - d:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - d:\docume~1\milosr~1\applic~1\mozilla\firefox\profiles\u9ipy9du.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox ... S:official
FF - plugin: c:\program files\adobe\reader 9.0\reader\browser\nppdf32.dll
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
============= SERVICES / DRIVERS ===============
Thanks anyway.
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [2009-12-16 114768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [2009-12-16 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-12-16 138680]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-12-16 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-12-16 352920]
S3 Ambfilt;Ambfilt;d:\windows\system32\drivers\Ambfilt.sys [2009-12-14 1684736]
S3 GarenaPEngine;GarenaPEngine;d:\docume~1\milosr~1\locals~1\temp\AWH296.tmp [2009-12-20 25616]
=============== Created Last 30 ================
2009-12-22 18:07:08 3245 ----a-w- d:\windows\system32\wbem\Outlook_01ca8331939df31e.mof
2009-12-22 18:05:08 21504 -c--a-w- d:\windows\system32\dllcache\hidserv.dll
2009-12-22 18:05:08 21504 ----a-w- d:\windows\system32\hidserv.dll
2009-12-22 18:05:06 14592 -c--a-w- d:\windows\system32\dllcache\kbdhid.sys
2009-12-22 18:05:06 14592 ----a-w- d:\windows\system32\drivers\kbdhid.sys
2009-12-22 18:05:04 10368 -c--a-w- d:\windows\system32\dllcache\hidusb.sys
2009-12-22 18:05:04 10368 ----a-w- d:\windows\system32\drivers\hidusb.sys
2009-12-22 18:05:03 32384 -c--a-w- d:\windows\system32\dllcache\usbccgp.sys
2009-12-22 18:05:03 32384 ----a-w- d:\windows\system32\drivers\usbccgp.sys
2009-12-22 16:28:57 0 d-----w- D:\_OTM
2009-12-21 00:43:49 0 d-----w- d:\docume~1\alluse~1\applic~1\AntiSpyInfo
2009-12-20 18:39:40 0 d-----w- d:\docume~1\milosr~1\applic~1\mIRC
2009-12-20 18:31:03 262 ----a-w- d:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-12-20 18:30:53 0 d-----w- d:\program files\common files\Wise Installation Wizard
2009-12-20 15:12:10 77835 ----a-w- d:\windows\War3Unin.dat
2009-12-20 15:12:10 2829 ----a-w- d:\windows\War3Unin.pif
2009-12-20 15:12:10 139264 ----a-w- d:\windows\War3Unin.exe
2009-12-19 12:19:19 545 ----a-w- d:\windows\UC.PIF
2009-12-19 12:19:19 545 ----a-w- d:\windows\RAR.PIF
2009-12-19 12:19:19 545 ----a-w- d:\windows\PKZIP.PIF
2009-12-19 12:19:19 545 ----a-w- d:\windows\PKUNZIP.PIF
2009-12-19 12:19:19 545 ----a-w- d:\windows\NOCLOSE.PIF
2009-12-19 12:19:19 545 ----a-w- d:\windows\LHA.PIF
2009-12-19 12:19:19 545 ----a-w- d:\windows\ARJ.PIF
2009-12-19 12:19:19 0 d-----w- d:\docume~1\milosr~1\applic~1\GHISLER
2009-12-18 20:45:48 376 ----a-w- d:\windows\ODBC.INI
2009-12-18 20:45:44 28040 ----a-w- d:\windows\system32\mdimon.dll
2009-12-18 20:45:06 0 d-----w- d:\program files\Microsoft ActiveSync
2009-12-18 20:44:19 0 d-----w- d:\windows\SHELLNEW
2009-12-18 20:41:11 0 d-----w- d:\windows\system32\appmgmt
2009-12-17 23:40:40 411368 ----a-w- d:\windows\system32\deploytk.dll
2009-12-17 02:37:14 0 d-----w- d:\program files\MSXML 4.0
2009-12-17 02:36:44 0 d--h--w- d:\windows\$hf_mig$
2009-12-17 02:23:38 0 d-----w- d:\docume~1\milosr~1\applic~1\uTorrent
2009-12-16 22:23:48 56 ---ha-w- d:\windows\system32\ezsidmv.dat
2009-12-16 22:18:58 0 d-----r- d:\program files\Skype
2009-12-16 20:39:31 52224 -c----w- d:\windows\system32\dllcache\msfeedsbs.dll
2009-12-16 20:39:31 459264 -c----w- d:\windows\system32\dllcache\msfeeds.dll
2009-12-16 20:39:31 268288 -c----w- d:\windows\system32\dllcache\iertutil.dll
2009-12-16 20:39:30 991232 -c----w- d:\windows\system32\dllcache\ieframe.dll.mui
2009-12-16 20:39:30 63488 -c----w- d:\windows\system32\dllcache\icardie.dll
2009-12-16 20:39:30 380928 -c----w- d:\windows\system32\dllcache\ieapfltr.dll
2009-12-16 20:39:30 2452872 -c----w- d:\windows\system32\dllcache\ieapfltr.dat
2009-12-16 20:39:30 13824 -c----w- d:\windows\system32\dllcache\ieudinit.exe
2009-12-16 20:39:29 6070784 -c----w- d:\windows\system32\dllcache\ieframe.dll
2009-12-16 20:04:46 455936 -c----w- d:\windows\system32\dllcache\mrxsmb.sys
2009-12-16 19:51:45 2189312 -c----w- d:\windows\system32\dllcache\ntoskrnl.exe
2009-12-16 19:51:45 2145280 -c----w- d:\windows\system32\dllcache\ntkrnlmp.exe
2009-12-16 19:51:44 2023936 -c----w- d:\windows\system32\dllcache\ntkrpamp.exe
2009-12-16 19:06:54 0 d-----w- d:\windows\system32\SoftwareDistribution
2009-12-15 19:13:59 414272 ----a-w- d:\windows\system32\DivXc32f.dll
2009-12-15 19:13:59 414272 ----a-w- d:\windows\system32\DivXc32.dll
2009-12-15 19:13:59 291408 ----a-w- d:\windows\system32\DivXa32.acm
2009-12-15 19:13:59 240400 ----a-w- d:\windows\system32\DivX_c32.ax
2009-12-15 19:11:00 5794 ----a-w- d:\windows\MDVDP.Ini
2009-12-15 17:14:50 107888 ----a-w- d:\windows\system32\CmdLineExt.dll
2009-12-14 22:22:44 0 d-----w- d:\docume~1\milosr~1\applic~1\Microsoft Games
2009-12-14 21:53:07 0 d-----w- d:\docume~1\alluse~1\applic~1\DAEMON Tools Lite
2009-12-14 21:53:05 0 d-----w- d:\program files\DAEMON Tools Toolbar
2009-12-14 21:48:53 721904 ----a-w- d:\windows\system32\drivers\sptd.sys
2009-12-14 21:48:51 0 d-----w- d:\docume~1\milosr~1\applic~1\DAEMON Tools Lite
2009-12-14 20:57:07 0 ----a-w- d:\windows\ativpsrm.bin
2009-12-14 20:54:42 0 d-----w- d:\program files\common files\ATI Technologies
2009-12-14 20:52:13 593920 ------w- d:\windows\system32\ati2sgag.exe
2009-12-14 20:52:11 311296 ----a-r- d:\windows\system32\atiiiexx.dll
2009-12-14 20:52:11 18440 ----a-r- d:\windows\atiogl.xml
2009-12-14 20:52:08 446464 ----a-r- d:\windows\system32\ATIDEMGX.dll
2009-12-14 20:52:07 7167 ----a-r- d:\windows\system32\atifglpf.xml
2009-12-14 20:52:06 887724 ----a-r- d:\windows\system32\ativva6x.dat
2009-12-14 20:52:06 3 ----a-r- d:\windows\system32\ativva5x.dat
2009-12-14 20:52:06 197655 ----a-r- d:\windows\system32\atiicdxx.dat
2009-12-14 20:51:52 0 d-----w- d:\program files\ATI Technologies
2009-12-14 20:43:18 0 d-----w- d:\docume~1\milosr~1\applic~1\AVG8
2009-12-14 20:42:58 26368 -c--a-w- d:\windows\system32\dllcache\usbstor.sys
2009-12-14 20:27:38 0 d-----w- d:\windows\system32\ReinstallBackups
2009-12-14 20:27:35 290816 ----a-w- d:\windows\vncutil.exe
2009-12-14 20:27:34 39424 ----a-w- d:\windows\system32\RtkCoInstXP.dll
2009-12-14 20:27:34 104992 ----a-w- d:\windows\RtkAudioService.exe
2009-12-14 20:27:31 1389056 ----a-w- d:\windows\system32\drivers\Monfilt.sys
2009-12-14 20:27:29 1684736 ----a-w- d:\windows\system32\drivers\Ambfilt.sys
2009-12-14 20:27:29 0 d-----w- d:\program files\Realtek
2009-12-14 20:27:22 528384 ------r- d:\windows\RtlExUpd.dll
2009-12-14 20:10:42 552 ----a-w- d:\windows\system32\d3d8caps.dat
2009-12-14 19:45:17 0 d-sh--w- d:\documents and settings\all users\DRM
2009-12-14 19:45:06 0 d--h--w- d:\program files\WindowsUpdate
2009-12-14 19:45:00 0 d-----w- d:\program files\Windows Media Connect 2
2009-12-14 19:44:28 0 d-----w- d:\program files\common files\MSSoap
2009-12-14 19:43:31 0 d-----w- d:\program files\Online Services
2009-12-14 19:43:28 0 d-----w- d:\program files\Messenger
2009-12-14 19:43:25 0 d-----w- d:\program files\MSN Gaming Zone
2009-12-14 19:42:55 0 d-----w- d:\program files\Windows NT
2009-12-14 19:39:18 0 d-----w- d:\program files\common files\ODBC
2009-12-14 19:39:16 0 d-----w- d:\program files\common files\SpeechEngines
2009-12-14 19:38:59 0 d-----r- d:\documents and settings\all users\Documents
==================== Find3M ====================
2009-12-14 19:49:59 9985 ----a-w- D:\hwids.dat
2009-12-14 19:43:35 21640 ----a-w- d:\windows\system32\emptyregdb.dat
2009-11-09 03:21:18 59388 ----a-w- d:\windows\system32\drivers\scdemu.sys
2009-10-29 07:45:44 841216 ----a-w- d:\windows\system32\wininet.dll
2009-10-29 07:45:42 78336 ----a-w- d:\windows\system32\ieencode.dll
2009-10-29 07:45:42 17408 ----a-w- d:\windows\system32\corpol.dll
2009-10-13 10:30:16 270336 ----a-w- d:\windows\system32\oakley.dll
2009-10-12 17:58:48 150016 ----a-w- d:\windows\system32\rastls.dll
2009-10-12 13:28:47 79872 ----a-w- d:\windows\system32\raschap.dll
============= FINISH: 19:40:49.46 ===============