Inactive virus disabled my internet connection and AVG anti virus

Discussion in 'Malware and Virus Removal Archive' started by thiagoferreira, 2009/10/22.

  1. 2009/10/22
    thiagoferreira Inactive Thread Starter

    [Inactive] virus disabled my internet connection and AVG anti virus

    Some kind of virus just disabled my internet connection (the pendrive kind) and my AVG anti-virus, and won't let me reinstall or connect my laptop to the internet......I ran HijackThis on it...here is the log file for it...
    Don't know what kind of virus it is..also it uninstalled a bunch of other programs.......it's making a huge mess in my laptop......I would really appreciate your help and information on this.....thanks for helping out.....best regards

    Thiago Ferreira

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:04:48 p.m., on 22/10/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18319)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Selensis\InfoStore 3.0\English\DeskNotes.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Users\Satu\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\F-Secure\FSGUI\fscuif.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://in.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://in.search.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    R3 - URLSearchHook: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (file missing)
    R3 - URLSearchHook: P2P MAX EN Atube Toolbar - {ee78981f-3768-4f82-9241-9aa5f3712651} - C:\Program Files\P2P_MAX_EN_Atube\tbP2P_.dll (file missing)
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll (file missing)
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (file missing)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (file missing)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (file missing)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (file missing)
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (file missing)
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (file missing)
    O2 - BHO: P2P MAX EN Atube Toolbar - {ee78981f-3768-4f82-9241-9aa5f3712651} - C:\Program Files\P2P_MAX_EN_Atube\tbP2P_.dll (file missing)
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (file missing)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (file missing)
    O3 - Toolbar: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (file missing)
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
    O3 - Toolbar: P2P MAX EN Atube Toolbar - {ee78981f-3768-4f82-9241-9aa5f3712651} - C:\Program Files\P2P_MAX_EN_Atube\tbP2P_.dll (file missing)
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll (file missing)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [INFOSTORE SEAGENT] C:\Program Files\Selensis\InfoStore 3.0\English\Seagent.exe /R
    O4 - HKCU\..\Run: [InfoStore DeskNotes] C:\Program Files\Selensis\InfoStore 3.0\English\DeskNotes.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [avp] C:\RECYCLER\S-1-5-21-3916021076-5875692970-123494267-1135\hdav.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Satu\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
    O4 - HKUS\S-1-5-21-184218036-2201310830-1053570789-1004\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'YOU')
    O4 - HKUS\S-1-5-21-184218036-2201310830-1053570789-1004\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'YOU')
    O4 - HKUS\S-1-5-21-184218036-2201310830-1053570789-1004\..\Run: [INFOSTORE SEAGENT] C:\Program Files\Selensis\InfoStore 3.0\English\Seagent.exe /R (User 'YOU')
    O4 - HKUS\S-1-5-21-184218036-2201310830-1053570789-1004\..\Run: [InfoStore DeskNotes] C:\Program Files\Selensis\InfoStore 3.0\English\DeskNotes.exe (User 'YOU')
    O4 - HKUS\S-1-5-21-184218036-2201310830-1053570789-1004\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'YOU')
    O4 - HKUS\S-1-5-21-184218036-2201310830-1053570789-1004\..\Run: [avp] C:\RECYCLER\S-1-5-21-3916021076-5875692970-123494267-1135\hdav.exe (User 'YOU')
    O4 - HKUS\S-1-5-21-184218036-2201310830-1053570789-1004\..\Run: [Google Update] "C:\Users\Satu\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'YOU')
    O4 - HKUS\S-1-5-21-184218036-2201310830-1053570789-1004\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User 'YOU')
    O4 - HKUS\S-1-5-21-184218036-2201310830-1053570789-1004\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (User 'YOU')
    O4 - HKUS\S-1-5-21-184218036-2201310830-1053570789-1004\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent (User 'YOU')
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (file missing)
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (file missing)
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (file missing)
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
    O23 - Service: Windows Live Family Safety Service (fsssvc) - Unknown owner - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (file missing)
    O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (file missing)
    O23 - Service: SQL Server (MSSMLBIZ) (MSSQL$MSSMLBIZ) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (file missing)
    O23 - Service: Microsoft Office Diagnostics Service (odserv) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (file missing)
    O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    --
    End of file - 14444 bytes
     
  2. 2009/10/22
    PeteC SuperGeek Staff

    Welcome to WindowsBBS :)

    Please read this as indicated at the head of the forum and post the logs requested in this thread.
     

  4. 2009/10/23
    thiagoferreira Inactive Thread Starter

    Hey there Pete....sorry for being a bit rude....I apologize for it.....here is the log you asked for


    DDS (Ver_09-10-13.01) - NTFSx86
    Run by Satu at 12:50:35.59 on Fri 23/10/2009
    Internet Explorer: 7.0.6001.18000
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.64.1035.18.3032.1400 [GMT 3:00]

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Program Files\AVG\AVG8\avgrsx.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\agrsmsvc.exe
    C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Selensis\InfoStore 3.0\English\DeskNotes.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Users\Satu\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Program Files\Liikkuva laajakaista\ejectdisk.exe
    C:\Program Files\Liikkuva laajakaista\Modem.exe
    C:\Users\Satu\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Satu\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Satu\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Windows\system32\notepad.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSHDLL32.EXE
    C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Satu\Documents\Downloads\dds.scr

    ============== Pseudo HJT Report ===============

    uDefault_Page_URL = hxxp:\\www.samsungcomputer.com
    mDefault_Page_URL = hxxp://in.yahoo.com
    uSearchURL,(Default) = hxxp://in.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://in.search.yahoo.com
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    uURLSearchHooks: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTogg.dll
    uURLSearchHooks: P2P MAX EN Atube Toolbar: {ee78981f-3768-4f82-9241-9aa5f3712651} - c:\program files\p2p_max_en_atube\tbP2P_.dll
    uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
    mURLSearchHooks: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTogg.dll
    mURLSearchHooks: P2P MAX EN Atube Toolbar: {ee78981f-3768-4f82-9241-9aa5f3712651} - c:\program files\p2p_max_en_atube\tbP2P_.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    BHO: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTogg.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: P2P MAX EN Atube Toolbar: {ee78981f-3768-4f82-9241-9aa5f3712651} - c:\program files\p2p_max_en_atube\tbP2P_.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTogg.dll
    TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
    TB: P2P MAX EN Atube Toolbar: {ee78981f-3768-4f82-9241-9aa5f3712651} - c:\program files\p2p_max_en_atube\tbP2P_.dll
    TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
    uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [INFOSTORE SEAGENT] c:\program files\selensis\infostore 3.0\english\Seagent.exe /R
    uRun: [InfoStore DeskNotes] c:\program files\selensis\infostore 3.0\english\DeskNotes.exe
    uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
    uRun: [avp] c:\recycler\s-1-5-21-3916021076-5875692970-123494267-1135\hdav.exe
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [Google Update] "c:\users\satu\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [ares] "c:\program files\ares\Ares.exe" -h
    uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
    uRun: [EA Core] c:\program files\electronic arts\eadm\Core.exe -silent
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe "
    mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [F-Secure Manager] "c:\program files\f-secure\common\FSM32.EXE" /splash
    mRun: [F-Secure TNB] "c:\program files\f-secure\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Lähetä kuva &Bluetooth-laitteeseen... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    IE: Lähetä sivu &Bluetooth-laitteeseen... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    LSP: c:\program files\f-secure\fsps\program\FSLSP.DLL
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs: avgrsstx.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

    ============= SERVICES / DRIVERS ===============

    R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2009-10-22 33920]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-10-8 335240]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-10-8 108552]
    R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\f-secure\hips\drivers\fshs.sys [2009-10-22 68064]
    R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-10-22 35680]
    R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-10-22 71040]
    R1 fsvista;F-Secure Vista Support Driver;c:\program files\f-secure\anti-virus\minifilter\fsvista.sys [2009-10-22 12384]
    R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
    R2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\system32\drivers\KMDFMEMIO.sys [2008-10-21 13312]
    R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
    R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\f-secure\anti-virus\minifilter\fsgk.sys [2009-10-22 101496]
    R3 FSORSPClient;F-Secure ORSP Client;c:\program files\f-secure\orsp client\fsorsp.exe [2009-10-22 55904]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-10-21 112128]
    R3 VMC302;Vimicro Camera Service VMC302;c:\windows\system32\drivers\vmc302.sys [2008-10-21 242048]
    S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-10-8 297752]
    S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-10-16 54632]
    S3 fsssvc;Windows Live Family Safety Service; "c:\program files\windows live\family safety\fsssvc.exe" --> c:\program files\windows live\family safety\fsssvc.exe [?]
    S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); "c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe" -smssmlbiz --> c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [?]
    S4 F-Secure Filter;F-Secure File System Filter;c:\program files\f-secure\anti-virus\win2k\fsfilter.sys [2009-10-22 39776]
    S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\f-secure\anti-virus\win2k\fsrec.sys [2009-10-22 25184]

    =============== Created Last 30 ================

    2009-10-22 21:29 <DIR> --d----- c:\program files\uTorrent
    2009-10-22 20:04 <DIR> --d----- c:\program files\Trend Micro
    2009-10-22 19:37 33,920 a------- c:\windows\system32\drivers\fsbts.sys
    2009-10-22 19:36 35,680 a------- c:\windows\system32\drivers\fses.sys
    2009-10-22 19:36 71,040 a------- c:\windows\system32\drivers\fsdfw.sys
    2009-10-22 19:35 <DIR> --d----- c:\program files\F-Secure
    2009-10-21 14:36 <DIR> --d----- c:\programdata\McAfee
    2009-10-21 14:33 755,712 a------- c:\windows\system32\drivers\athr.sys
    2009-10-21 14:33 319,456 a------- c:\windows\system32\DIFxAPI.dll
    2009-10-21 14:33 45,056 a------- c:\windows\system32\RmWLAN.exe
    2009-10-21 14:33 42,496 a------- c:\windows\system32\RmWLAN64.exe
    2009-10-21 14:33 40,960 a------- c:\windows\system32\IhDEV.exe
    2009-10-21 14:33 24,576 a------- c:\windows\system32\IhINF.exe
    2009-10-21 14:33 <DIR> --d----- c:\program files\Atheros WLAN Client
    2009-10-19 18:18 <DIR> --d----- c:\program files\Microsoft Visual Studio 8
    2009-10-18 11:02 <DIR> --d----- c:\users\satu\Satus portuguese
    2009-10-16 15:56 54,632 a------- c:\windows\system32\drivers\fssfltr.sys
    2009-10-16 10:02 <DIR> --d----- c:\windows\SQL9_KB970892_ENU
    2009-10-15 14:41 3,597,896 a------- c:\windows\system32\ntkrnlpa.exe
    2009-10-15 14:41 3,546,184 a------- c:\windows\system32\ntoskrnl.exe
    2009-10-14 20:36 428,544 a------- c:\windows\system32\EncDec.dll
    2009-10-14 20:36 217,088 a------- c:\windows\system32\psisrndr.ax
    2009-10-14 20:36 293,376 a------- c:\windows\system32\psisdecd.dll
    2009-10-14 20:36 177,664 a------- c:\windows\system32\mpg2splt.ax
    2009-10-14 20:36 80,896 a------- c:\windows\system32\MSNP.ax
    2009-10-14 20:34 604,672 a------- c:\windows\system32\WMSPDMOD.DLL
    2009-10-14 20:19 144,896 a------- c:\windows\system32\drivers\srv2.sys
    2009-10-14 19:48 61,440 a------- c:\windows\system32\msasn1.dll
    2009-10-14 10:02 514,384 a------- c:\windows\system32\XAudio2_3.dll
    2009-10-14 10:02 235,856 a------- c:\windows\system32\xactengine3_3.dll
    2009-10-14 10:02 70,992 a------- c:\windows\system32\XAPOFX1_2.dll
    2009-10-14 10:02 23,376 a------- c:\windows\system32\X3DAudio1_5.dll
    2009-10-12 19:06 <DIR> --d----- c:\windows\system32\AGEIA
    2009-10-10 17:59 <DIR> --d----- c:\users\satu\appdata\roaming\DAEMON Tools Pro
    2009-10-09 12:21 <DIR> --d-h--- C:\$AVG8.VAULT$
    2009-10-08 19:08 11,952 a------- c:\windows\system32\avgrsstx.dll
    2009-10-08 19:08 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
    2009-10-08 19:08 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
    2009-10-08 19:07 <DIR> --d----- c:\windows\system32\drivers\Avg
    2009-10-08 19:07 <DIR> --d----- c:\programdata\AVG Security Toolbar
    2009-10-08 19:07 <DIR> --d----- c:\progra~2\AVG Security Toolbar
    2009-10-08 19:07 <DIR> --d----- c:\program files\AVG
    2009-10-08 19:07 <DIR> --d----- c:\programdata\avg8
    2009-10-08 19:07 <DIR> --d----- c:\progra~2\avg8
    2009-10-08 18:50 <DIR> --d----- c:\users\satu\appdata\roaming\AVG8
    2009-10-08 10:06 622,080 a------- c:\windows\system32\icardagt.exe
    2009-10-08 10:06 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-10-08 10:06 97,800 a------- c:\windows\system32\infocardapi.dll
    2009-10-08 10:06 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
    2009-10-08 10:06 37,384 a------- c:\windows\system32\infocardcpl.cpl
    2009-10-08 10:06 11,264 a------- c:\windows\system32\icardres.dll
    2009-10-08 10:06 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
    2009-10-08 10:06 326,160 a------- c:\windows\system32\PresentationHost.exe
    2009-10-08 10:01 96,760 a------- c:\windows\system32\dfshim.dll
    2009-10-08 10:01 282,112 a------- c:\windows\system32\mscoree.dll
    2009-10-08 10:01 41,984 a------- c:\windows\system32\netfxperf.dll
    2009-10-08 10:00 158,720 a------- c:\windows\system32\mscorier.dll
    2009-10-08 10:00 83,968 a------- c:\windows\system32\mscories.dll
    2009-10-07 14:34 1,256,448 a------- c:\windows\system32\lsasrv.dll
    2009-10-07 14:34 499,712 a------- c:\windows\system32\kerberos.dll
    2009-10-07 14:34 439,896 a------- c:\windows\system32\drivers\ksecdd.sys
    2009-10-07 14:34 270,848 a------- c:\windows\system32\schannel.dll
    2009-10-07 14:34 175,104 a------- c:\windows\system32\wdigest.dll
    2009-10-07 14:34 72,704 a------- c:\windows\system32\secur32.dll
    2009-10-07 14:34 9,728 a------- c:\windows\system32\lsass.exe
    2009-10-07 10:09 2,048 a------- c:\windows\system32\tzres.dll
    2009-10-06 17:59 195,440 a------- c:\windows\system32\MpSigStub.exe
    2009-10-06 17:55 28,672 a------- c:\windows\system32\Apphlpdm.dll
    2009-10-06 17:55 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
    2009-10-06 17:54 897,608 a------- c:\windows\system32\drivers\tcpip.sys
    2009-10-06 17:54 104,960 a------- c:\windows\system32\netiohlp.dll
    2009-10-06 17:54 27,136 a------- c:\windows\system32\NETSTAT.EXE
    2009-10-06 17:54 19,968 a------- c:\windows\system32\ARP.EXE
    2009-10-06 17:54 17,920 a------- c:\windows\system32\ROUTE.EXE
    2009-10-06 17:54 11,264 a------- c:\windows\system32\MRINFO.EXE
    2009-10-06 17:54 10,240 a------- c:\windows\system32\finger.exe
    2009-10-06 17:54 9,728 a------- c:\windows\system32\TCPSVCS.EXE
    2009-10-06 17:54 8,704 a------- c:\windows\system32\HOSTNAME.EXE
    2009-10-06 17:54 17,920 a------- c:\windows\system32\netevent.dll
    2009-10-06 17:03 160,256 a------- c:\windows\system32\wkssvc.dll
    2009-10-06 16:48 2,066,432 a------- c:\windows\system32\mstscax.dll
    2009-10-06 16:44 636,928 a------- c:\windows\system32\localspl.dll
    2009-10-06 16:44 91,136 a------- c:\windows\system32\avifil32.dll
    2009-10-06 16:37 313,344 a------- c:\windows\system32\wmpdxm.dll
    2009-10-06 16:37 7,680 a------- c:\windows\system32\spwmp.dll
    2009-10-06 16:37 4,096 a------- c:\windows\system32\msdxm.ocx
    2009-10-06 16:37 4,096 a------- c:\windows\system32\dxmasf.dll
    2009-10-06 16:37 8,147,456 a------- c:\windows\system32\wmploc.DLL
    2009-10-06 16:37 43,520 a------- c:\windows\system32\msdxm.tlb
    2009-10-06 16:37 18,432 a------- c:\windows\system32\amcompat.tlb
    2009-10-06 16:27 784,896 a------- c:\windows\system32\rpcrt4.dll
    2009-10-06 15:16 124,688 a------- c:\windows\system32\MSWINSCK.OCX
    2009-10-06 14:38 110,080 a------- c:\windows\system32\drivers\ZTEusbnet.sys
    2009-10-06 14:38 104,960 a------- c:\windows\system32\drivers\ZTEusbser6k.sys
    2009-10-06 14:38 104,960 a------- c:\windows\system32\drivers\ZTEusbnmea.sys
    2009-10-06 14:38 104,960 a------- c:\windows\system32\drivers\ZTEusbmdm6k.sys
    2009-10-06 14:38 <DIR> --d----- c:\windows\system32\SupportAppXL
    2009-10-06 14:38 <DIR> --d----- c:\program files\Liikkuva laajakaista

    ==================== Find3M ====================

    2009-10-23 12:40 86,016 a------- c:\windows\inf\infstrng.dat
    2009-10-23 12:40 86,016 a------- c:\windows\inf\infstor.dat
    2009-10-23 12:40 51,200 a------- c:\windows\inf\infpub.dat
    2009-10-23 12:28 496,446 a------- c:\windows\system32\perfh00B.dat
    2009-10-23 12:28 107,518 a------- c:\windows\system32\perfc00B.dat
    2009-10-18 20:40 138,184 a------- c:\windows\system32\drivers\PnkBstrK.sys
    2009-10-18 20:39 183,112 a------- c:\windows\system32\PnkBstrB.exe
    2009-10-06 19:51 56 a---h--- c:\programdata\ezsidmv.dat
    2009-10-06 19:51 56 a---h--- c:\progra~2\ezsidmv.dat
    2009-09-19 12:14 66,872 a------- c:\windows\system32\PnkBstrA.exe
    2009-09-18 20:27 14,050 a------- c:\windows\system32\ealregsnapshot1.reg
    2009-09-10 20:30 213,504 a------- c:\windows\system32\msv1_0.dll
    2009-08-28 15:39 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
    2009-08-28 15:38 2,153,984 a------- c:\windows\apppatch\AcGenral.dll
    2009-08-28 15:38 541,696 a------- c:\windows\apppatch\AcLayers.dll
    2009-08-28 15:38 459,776 a------- c:\windows\apppatch\AcSpecfc.dll
    2009-08-27 16:32 833,024 a------- c:\windows\system32\wininet.dll
    2009-08-27 16:29 78,336 a------- c:\windows\system32\ieencode.dll
    2009-08-27 13:58 26,624 a------- c:\windows\system32\ieUnatt.exe
    2009-08-17 23:33 1,193,832 a------- c:\windows\system32\FM20.DLL
    2009-07-26 16:44 48,448 a------- c:\windows\system32\sirenacm.dll
    2008-10-21 18:59 665,600 a------- c:\windows\inf\drvindex.dat
    2008-10-21 16:30 274,158 a------- c:\windows\inf\perflib\040b\perfi.dat
    2008-10-21 16:30 274,158 a------- c:\windows\inf\perflib\040b\perfh.dat
    2008-10-21 16:30 36,790 a------- c:\windows\inf\perflib\040b\perfd.dat
    2008-10-21 16:30 36,790 a------- c:\windows\inf\perflib\040b\perfc.dat
    2006-11-02 15:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 15:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 15:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 15:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 12:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 12:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 12:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 12:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
    2009-01-05 16:19 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
    2009-01-05 16:19 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
    2009-01-05 16:19 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

    ============= FINISH: 12:53:32.00 ===============
     
  5. 2009/10/23
    thiagoferreira

    thiagoferreira Inactive Thread Starter

    Ok...it seems like I can somehow connect to the internet with my wireless but I can't use the pendrive connection. I took my laptop to the place where I bought the pendrive internet connection and the guy reinstalled the program but the virus won't let me run it, and it gives me this error message: Access violation at address 0059B5F6 in module.exe read of address 000002EC. Also I live in Finland and I don't speak Finnish, and my laptop is all in Finnish....so it can be quite a hassle to try to figure out what's going on or what kind of virus it is......it seems like it's some kind that hijacks the administrator rights to the computer...It's attacking all sorts of programs...from computer games to Antiviruses and Office 2007.....just giving you a little info on the problem so u can more or less get the picture......really appreciate your help as I know that you guys are not being paid for the service...txs for helping out......will keep in touch......
     
  6. 2009/10/23
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Thanks :)

    One of our trained malware analysts will take a look at your logs ASAP, but it may be a day or so before you get a response as they are always very busy. All logs are dealt with in the order received.

    Thank you for your patience.
     
  7. 2009/10/23
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    First of all, you're running two AV programs, AVG and F-Secure.
    One of them has to go.
    Use...
    AVG Removal Tool: http://www.avg.com/us-en/download-tools
    or
    F-Secure Uninstallation tool: http://support.f-secure.com/enu/corporate/downloads/removeav.shtml

    When done...

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE. If Combofix asks you to install Recovery Console, please allow it.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!



    Download HijackThis:
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    by clicking on Download HijackThis Installer
    Install, and run it.
    Post HijackThis log.
    Do NOT attempt to fix anything!

    NOTE. If you're using Vista, right click on HijackThis, and click Run as Administrator
     
  8. 2009/10/28
    thiagoferreira

    thiagoferreira Inactive Thread Starter

    something is wrong with my computer.....

    You see I installed the other anti-virus cause AVG was nowhere to be found.....and now my laptop won't even boot.....it says that there's no operating system........I think that the virus just destroyed my hard-drive.....I took it to a shop to see what they can do for me......will keep you guys posted about it.......txs for all your help and time......Best regards

    Thiago Ferreira
     
  9. 2009/10/28
    broni

    broni Moderator Malware Analyst

    OK. Keep us posted.
     
  10. 2009/11/18
    thiagoferreira

    thiagoferreira Inactive Thread Starter

    Alright guys......just writing in to let you know that my HD was totally disabled by the virus.....whatever it was, it erased my whole HD and damaged it......just so you guys know it was a brand new HD....bought a new one now to replace the old one.....but anyways txs for all your help with this one.....Best regards
     
  11. 2009/11/18
    broni

    broni Moderator Malware Analyst

    I'm sorry for your problems :(.
    Thanks for posting back :)
     
