Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

Having problems removing malware that is attaching itself

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

Having problems removing malware that is attaching itself

Unread postby elizabetheburke » June 1st, 2010, 10:56 pm

to everything i open . . .


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:46:23 PM, on 6/1/2010
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Charles\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Documents and Settings\Charles\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Charles\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.254/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Charles\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O15 - ESC Trusted Zone: http://*.carbonite.com
O15 - ESC Trusted Zone: http://podcast-files.cnet.com
O15 - ESC Trusted Zone: *.domain%20stevengould.org
O15 - ESC Trusted Zone: http://www.mapquest.com
O15 - ESC Trusted Zone: http://runonce.msn.com
O15 - ESC Trusted Zone: http://www.primopdf.com
O15 - ESC Trusted Zone: http://www.stevengould.org
O15 - ESC Trusted Zone: http://*.stevengould.org
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://runonce.msn.com (HKLM)
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O16 - DPF: {40F8967E-34A6-474A-837A-CEC1E7DAC54C} - https://accounting.quickbooks.com/c6/v16.582/qboax9.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1793797019
O16 - DPF: {843EE768-3A97-455C-9076-741BA3AD7B62} (QuickBooks Online Edition Utilities Class v10) - https://accounting.quickbooks.com/c6/v1 ... boax10.cab
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Kana Solution - C:\Program Files\DynDNS Updater\DynDNS.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7703 bytes

Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.8
Adobe® Photoshop® Album Starter Edition 3.0
Apple Application Support
Apple Software Update
AVG 9.0
Bonjour
Broadcom 440x 10/100 Integrated Controller
Carbonite
DynDNS Updater 3.1
Google Gears
Google Gears
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Server 2003 (KB961118)
Hotfix for Windows Server 2003 (KB970653-v3)
Hotfix for Windows Server 2003 (KB976098-v2)
Hotfix for Windows Server 2003 (KB979306)
Hotfix for Windows Server 2003 (KB981793)
iPhone Configuration Utility
LiveUpdate 2.7 (Symantec Corporation)
McAfee VirusScan Enterprise
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Office Visio Professional 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.3)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
NetMos Multi-IO Controller
NotePadSync
NVIDIA Drivers
OT50Client
OTClient61
OTClient70
OTClient80
preview for Windows
preview for Windows 6.6
QuarkXPress 6.0
QuickTime
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB947864)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Server 2003 (KB921503)
Security Update for Windows Server 2003 (KB923561)
Security Update for Windows Server 2003 (KB925902)
Security Update for Windows Server 2003 (KB926122)
Security Update for Windows Server 2003 (KB929123)
Security Update for Windows Server 2003 (KB930178)
Security Update for Windows Server 2003 (KB931768)
Security Update for Windows Server 2003 (KB931784)
Security Update for Windows Server 2003 (KB932168)
Security Update for Windows Server 2003 (KB933566)
Security Update for Windows Server 2003 (KB933729)
Security Update for Windows Server 2003 (KB933854)
Security Update for Windows Server 2003 (KB935839)
Security Update for Windows Server 2003 (KB935840)
Security Update for Windows Server 2003 (KB936021)
Security Update for Windows Server 2003 (KB936782)
Security Update for Windows Server 2003 (KB937143)
Security Update for Windows Server 2003 (KB938127)
Security Update for Windows Server 2003 (KB938464)
Security Update for Windows Server 2003 (KB941202)
Security Update for Windows Server 2003 (KB941568)
Security Update for Windows Server 2003 (KB941569)
Security Update for Windows Server 2003 (KB941644)
Security Update for Windows Server 2003 (KB941693)
Security Update for Windows Server 2003 (KB943055)
Security Update for Windows Server 2003 (KB943460)
Security Update for Windows Server 2003 (KB943485)
Security Update for Windows Server 2003 (KB944653)
Security Update for Windows Server 2003 (KB945553)
Security Update for Windows Server 2003 (KB946026)
Security Update for Windows Server 2003 (KB948590)
Security Update for Windows Server 2003 (KB948881)
Security Update for Windows Server 2003 (KB950760)
Security Update for Windows Server 2003 (KB950762)
Security Update for Windows Server 2003 (KB950974)
Security Update for Windows Server 2003 (KB951066)
Security Update for Windows Server 2003 (KB951698)
Security Update for Windows Server 2003 (KB951748)
Security Update for Windows Server 2003 (KB952004)
Security Update for Windows Server 2003 (KB952069)
Security Update for Windows Server 2003 (KB952954)
Security Update for Windows Server 2003 (KB953298)
Security Update for Windows Server 2003 (KB953839)
Security Update for Windows Server 2003 (KB954155)
Security Update for Windows Server 2003 (KB954211)
Security Update for Windows Server 2003 (KB954600)
Security Update for Windows Server 2003 (KB955069)
Security Update for Windows Server 2003 (KB956391)
Security Update for Windows Server 2003 (KB956572)
Security Update for Windows Server 2003 (KB956802)
Security Update for Windows Server 2003 (KB956803)
Security Update for Windows Server 2003 (KB956841)
Security Update for Windows Server 2003 (KB956844)
Security Update for Windows Server 2003 (KB957095)
Security Update for Windows Server 2003 (KB957097)
Security Update for Windows Server 2003 (KB958469)
Security Update for Windows Server 2003 (KB958644)
Security Update for Windows Server 2003 (KB958687)
Security Update for Windows Server 2003 (KB958690)
Security Update for Windows Server 2003 (KB958869)
Security Update for Windows Server 2003 (KB959426)
Security Update for Windows Server 2003 (KB960225)
Security Update for Windows Server 2003 (KB960715)
Security Update for Windows Server 2003 (KB960803)
Security Update for Windows Server 2003 (KB960859)
Security Update for Windows Server 2003 (KB961371)
Security Update for Windows Server 2003 (KB961371-v2)
Security Update for Windows Server 2003 (KB961373)
Security Update for Windows Server 2003 (KB961501)
Security Update for Windows Server 2003 (KB967723)
Security Update for Windows Server 2003 (KB968537)
Security Update for Windows Server 2003 (KB968816)
Security Update for Windows Server 2003 (KB969059)
Security Update for Windows Server 2003 (KB969898)
Security Update for Windows Server 2003 (KB969947)
Security Update for Windows Server 2003 (KB970238)
Security Update for Windows Server 2003 (KB970430)
Security Update for Windows Server 2003 (KB971032)
Security Update for Windows Server 2003 (KB971468)
Security Update for Windows Server 2003 (KB971486)
Security Update for Windows Server 2003 (KB971557)
Security Update for Windows Server 2003 (KB971633)
Security Update for Windows Server 2003 (KB971657)
Security Update for Windows Server 2003 (KB971961)
Security Update for Windows Server 2003 (KB972270)
Security Update for Windows Server 2003 (KB973346)
Security Update for Windows Server 2003 (KB973354)
Security Update for Windows Server 2003 (KB973507)
Security Update for Windows Server 2003 (KB973525)
Security Update for Windows Server 2003 (KB973540)
Security Update for Windows Server 2003 (KB973869)
Security Update for Windows Server 2003 (KB973904)
Security Update for Windows Server 2003 (KB974112)
Security Update for Windows Server 2003 (KB974318)
Security Update for Windows Server 2003 (KB974392)
Security Update for Windows Server 2003 (KB974571)
Security Update for Windows Server 2003 (KB975025)
Security Update for Windows Server 2003 (KB975467)
Security Update for Windows Server 2003 (KB975560)
Security Update for Windows Server 2003 (KB975713)
Security Update for Windows Server 2003 (KB977816)
Security Update for Windows Server 2003 (KB977914)
Security Update for Windows Server 2003 (KB978037)
Security Update for Windows Server 2003 (KB978251)
Security Update for Windows Server 2003 (KB978262)
Security Update for Windows Server 2003 (KB978338)
Security Update for Windows Server 2003 (KB978542)
Security Update for Windows Server 2003 (KB978601)
Security Update for Windows Server 2003 (KB978706)
Security Update for Windows Server 2003 (KB979309)
Security Update for Windows Server 2003 (KB979683)
Security Update for Windows Server 2003 (KB980232)
Security Update for Windows Server 2003 (KB981349)
SigmaTel Audio
Symantec Ghost Standard Tools
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Server 2003 (KB927891)
Update for Windows Server 2003 (KB931836)
Update for Windows Server 2003 (KB933360)
Update for Windows Server 2003 (KB942763)
Update for Windows Server 2003 (KB948496)
Update for Windows Server 2003 (KB951072-v2)
Update for Windows Server 2003 (KB955759)
Update for Windows Server 2003 (KB955839)
Update for Windows Server 2003 (KB967715)
Update for Windows Server 2003 (KB968389)
Update for Windows Server 2003 (KB971737)
Update for Windows Server 2003 (KB973687)
Update for Windows Server 2003 (KB973815)
Update for Windows Server 2003 (KB973825)
Update for Windows Server 2003 (KB977165)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WD Backup
WD Diagnostics
WD Firewire HID Driver
Windows Imaging Component
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Server 2003 Service Pack 2
WinZip
elizabetheburke
Active Member
 
Posts: 1
Joined: June 1st, 2010, 10:50 pm
Top
Advertisement
Register to Remove

Re: Having problems removing malware that is attaching itsel

Unread postby NonSuch » June 2nd, 2010, 12:31 am

Unfortunately, the computer in question is running Windows Server 2003, and we do not work on servers, so we are unable to assist you.

As this issue involves a server, and therefore falls outside the scope of this forum, this topic is now closed.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Top
Topic locked
  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 231 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index