Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Need Help with Malware Removal

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Need Help with Malware Removal

Unread postby randymks » August 28th, 2010, 2:21 am

I am pretty certain I have a couple of "hijacker" type of Malware Viruses. First of all I have a computer running Windows XP 32 Bit with SP3. I have up to date Symantec Endpoint Antivirus along with Malwarebytes AntiMalware Pro installed.
Here are my symptoms: Whenever I use Internet Explorer and go to Google to do a search on any topic, I will be redirected whenever I click on the first link at the top of the page. Thinking my host file may have been infected amongst other things, I performed a couple of checks using other scanners because neither Symantec or Malwarebytes were detecting anything. I did an on-line virus scan using Kaspersky Online Scanner version 7.0.26.13. It detected 5 viruses. 3 of those viruses have since been quarantined by Symantec Endpoint. The 2 remaining are: Trojan.Win32.FraudPack.rdo and Trojan-Proxy.Win32.Saturn.jt 1.

The other thing I did was run a HiJackThis Scan. It detected a lot of irregular entries in my host file. I can see a number of those that I know should not be listed in the host file. That's why I think the host file has been hijacked along with whatever else may be infected.

I am listing the HiJackThis log below as well as my Uninstall Log as you require. If you want, I can also provide the Kaspersky Online Scanner Report and/or my Symantec log. I really need some help getting this removed as I have been working on this for a week and can't seem to figure out how to fix the problem. Any help would be greatly appreciated.

HiJackThis Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:43:43 PM, on 8/27/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DesktopAuthority\DaMaint.exe
C:\Program Files\DesktopAuthority\DesktopAuthority.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LxrSII1s.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\ScriptLogic\Desktop Authority\Client Files\8.08004.63486\SLClient.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ScriptLogic\Desktop Authority\Client Files\8.08004.63486\CBM\ScriptLogic.CBM.Agent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\ScriptLogic\Desktop Authority\Client Files\8.08004.63486\CBM\ScriptLogic.CBM.UserExperience.exe
C:\Program Files\DesktopAuthority\rmgui.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WebEx\Productivity Tools\PTIM.exe
C:\Program Files\WebEx\Productivity Tools\ptoneclk.exe
C:\Program Files\Microsoft Office Communicator\Communicator.exe
C:\Documents and Settings\rmoon\Local Settings\Application Data\Lexar Media\LxrAutorun.exe
C:\Program Files\WebEx\Productivity Tools\ptSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\notepad.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.microsoft.com/microsoftupdate
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Kansas Highway Patrol
O1 - Hosts: 165.201.58.249 pal.kcjis.state.ks.us
O1 - Hosts: 165.201.58.229 ksmart.kcjis.state.ks.us
O1 - Hosts: 165.201.58.210 http://cpi.kcjis.state.ks.us:8080/KAN/
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 67.215.245.21 www.google-analytics.com
O1 - Hosts: 95.211.99.109 google.ae
O1 - Hosts: 95.211.99.109 google.as
O1 - Hosts: 95.211.99.109 google.at
O1 - Hosts: 95.211.99.109 google.az
O1 - Hosts: 95.211.99.109 google.ba
O1 - Hosts: 95.211.99.109 google.be
O1 - Hosts: 95.211.99.109 google.bg
O1 - Hosts: 95.211.99.109 google.bs
O1 - Hosts: 95.211.99.109 google.ca
O1 - Hosts: 95.211.99.109 google.cd
O1 - Hosts: 95.211.99.109 google.com.gh
O1 - Hosts: 95.211.99.109 google.com.hk
O1 - Hosts: 95.211.99.109 google.com.jm
O1 - Hosts: 95.211.99.109 google.com.mx
O1 - Hosts: 95.211.99.109 google.com.my
O1 - Hosts: 95.211.99.109 google.com.na
O1 - Hosts: 95.211.99.109 google.com.nf
O1 - Hosts: 95.211.99.109 google.com.ng
O1 - Hosts: 95.211.99.109 google.ch
O1 - Hosts: 95.211.99.109 google.com.np
O1 - Hosts: 95.211.99.109 google.com.pr
O1 - Hosts: 95.211.99.109 google.com.qa
O1 - Hosts: 95.211.99.109 google.com.sg
O1 - Hosts: 95.211.99.109 google.com.tj
O1 - Hosts: 95.211.99.109 google.com.tw
O1 - Hosts: 95.211.99.109 google.dj
O1 - Hosts: 95.211.99.109 google.de
O1 - Hosts: 95.211.99.109 google.dk
O1 - Hosts: 95.211.99.109 google.dm
O1 - Hosts: 95.211.99.109 google.ee
O1 - Hosts: 95.211.99.109 google.fi
O1 - Hosts: 95.211.99.109 google.fm
O1 - Hosts: 95.211.99.109 google.fr
O1 - Hosts: 95.211.99.109 google.ge
O1 - Hosts: 95.211.99.109 google.gg
O1 - Hosts: 95.211.99.109 google.gm
O1 - Hosts: 95.211.99.109 google.gr
O1 - Hosts: 95.211.99.109 google.ht
O1 - Hosts: 95.211.99.109 google.ie
O1 - Hosts: 95.211.99.109 google.im
O1 - Hosts: 95.211.99.109 google.in
O1 - Hosts: 95.211.99.109 google.it
O1 - Hosts: 95.211.99.109 google.ki
O1 - Hosts: 95.211.99.109 google.la
O1 - Hosts: 95.211.99.109 google.li
O1 - Hosts: 95.211.99.109 google.lv
O1 - Hosts: 95.211.99.109 google.ma
O1 - Hosts: 95.211.99.109 google.ms
O1 - Hosts: 95.211.99.109 google.mu
O1 - Hosts: 95.211.99.109 google.mw
O1 - Hosts: 95.211.99.109 google.nl
O1 - Hosts: 95.211.99.109 google.no
O1 - Hosts: 95.211.99.109 google.nr
O1 - Hosts: 95.211.99.109 google.nu
O1 - Hosts: 95.211.99.109 google.pl
O1 - Hosts: 95.211.99.109 google.pn
O1 - Hosts: 95.211.99.109 google.pt
O1 - Hosts: 95.211.99.109 google.ro
O1 - Hosts: 95.211.99.109 google.ru
O1 - Hosts: 95.211.99.109 google.rw
O1 - Hosts: 95.211.99.109 google.sc
O1 - Hosts: 95.211.99.109 google.se
O1 - Hosts: 95.211.99.109 google.sh
O1 - Hosts: 95.211.99.109 google.si
O1 - Hosts: 95.211.99.109 google.sm
O1 - Hosts: 95.211.99.109 google.sn
O1 - Hosts: 95.211.99.109 google.st
O1 - Hosts: 95.211.99.109 google.tl
O1 - Hosts: 95.211.99.109 google.tm
O1 - Hosts: 95.211.99.109 google.tt
O1 - Hosts: 95.211.99.109 google.us
O1 - Hosts: 95.211.99.109 google.vu
O1 - Hosts: 95.211.99.109 google.ws
O1 - Hosts: 95.211.99.109 google.co.ck
O1 - Hosts: 95.211.99.109 google.co.id
O1 - Hosts: 95.211.99.109 google.co.il
O1 - Hosts: 95.211.99.109 google.co.in
O1 - Hosts: 95.211.99.109 google.co.jp
O1 - Hosts: 95.211.99.109 google.co.kr
O1 - Hosts: 95.211.99.109 google.co.ls
O1 - Hosts: 95.211.99.109 google.co.ma
O1 - Hosts: 95.211.99.109 google.co.nz
O2 - BHO: ALOT Toolbar Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\alot.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll
O4 - HKLM\..\Run: [DesktopAuthority User Experience] "C:\Program Files\ScriptLogic\Desktop Authority\Client Files\8.08004.63486\CBM\ScriptLogic.CBM.UserExperience.exe"
O4 - HKLM\..\Run: [DA Remote Management GUI] "C:\Program Files\DesktopAuthority\rmgui.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PTIM.exe] C:\Program Files\WebEx\Productivity Tools\PTIM.exe
O4 - HKCU\..\Run: [PTOneClick] C:\Program Files\WebEx\Productivity Tools\ptoneclk.exe /AutoRunning="2"
O4 - HKCU\..\Run: [COMMUNICATOR] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" /silentRetrials /background
O4 - HKCU\..\Run: [LxrAutorun] C:\Documents and Settings\rmoon\Local Settings\Application Data\Lexar Media\LxrAutorun.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.kcjis.state.ks.us
O15 - Trusted Zone: http://*.kcjis.state.ks.us
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 4890518781
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5676983113
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = KHP.GOV
O17 - HKLM\Software\..\Telephony: DomainName = KHP.GOV
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A389CE3-B194-4E93-BD4E-BEFA1B428BAA}: NameServer = 69.78.96.14 66.174.92.14
O17 - HKLM\System\CCS\Services\Tcpip\..\{DAE6178F-86BE-48F6-96DC-9F3DA15656A8}: NameServer = 192.168.2.208,165.201.168.50
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = KHP.GOV
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = KHP.GOV
O20 - AppInit_DLLs: DAinit.dll
O20 - Winlogon Notify: nzrNotifier - C:\WINDOWS\SYSTEM32\nzrNotifier.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: DA Remote Management Maintenance Service (DAMaint) - ScriptLogic Corporation - C:\Program Files\DesktopAuthority\DaMaint.exe
O23 - Service: DA Remote Management Service (DesktopAuthority) - ScriptLogic Corporation - C:\Program Files\DesktopAuthority\DesktopAuthority.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrSII1s.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ScriptLogic CBM Service - ScriptLogic Software Corporation - C:\Program Files\ScriptLogic\Desktop Authority\Client Files\8.08004.63486\CBM\ScriptLogic.CBM.Agent.exe
O23 - Service: ScriptLogic Service (SLClient) - ScriptLogic Software Corporation - C:\Program Files\ScriptLogic\Desktop Authority\Client Files\8.08004.63486\SLClient.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\svcrgr.exe

--
End of file - 16738 bytes

Uninstall Log:
AC3Filter (remove only)
actions-langs
Adobe Acrobat 9 Standard
Adobe Flash Player 10 ActiveX
Adobe SVG Viewer 3.0
ALOT Toolbar
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bluetooth Stack for Windows by Toshiba
Bonjour
Broadcom Gigabit Integrated Controller
Broadcom TPM Driver Installer
bundle-langs
CDDRV_Installer
Check Point VPN-1 SecureClient NG_AI_R56
CJIS Manuals
CommTASK
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
content-distribution-point-langs
content-distribution-point-langs
Critical Update for Windows Media Player 11 (KB959772)
Dell Touchpad
DivX Codec
Free WMA to MP3 Converter 1.16
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Deskjet 6900 series
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless Software
Internet Explorer
inventory-langs
IrfanView (remove only)
iTunes
Java 2 Runtime Environment, SE v1.4.2_07
Java(TM) 6 Update 20
Java(TM) 6 Update 5
Java(TM) 6 Update 7
KhalSetup
KLER Filler
LimeWire PRO 4.18.8
LiveUpdate 3.3 (Symantec Corporation)
M+ArchiveOutlookAddIn
Malwarebytes' Anti-Malware
mCore
mDriver
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Runtime (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Communicator 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Professional Plus 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio 2005 Tools for Office Runtime
mIWA
mLogView
mMHouse
mPfMgr
mPfWiz
mProSafe
mSCfg
mSSO
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB954459)
mWlsSafe
mWMI
mZConfig
Novell ZENworks Remote Management
Oz776 SCR Driver V1.1.4.2
PANTECH PC Card Software
PC5750 Firmware Updates
Policy Action Handler Resources
policy-langs
PowerDVD
primary-agent-langs
PrimoPDF
PrimoPDF Redistribution Package
Quicken 2009
QuickTime
remotemanagement-langs
Roxio Easy Media Creator 7 Basic Edition
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
SetPoint
SigmaTel Audio
Symantec Endpoint Protection
system-update
system-update
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Word 2007 (KB974631)
Update for Microsoft Office Word 2007 (KB974631)
Update for Outlook 2007 Junk Email Filter (kb2202131)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
usermanagement-langs
Visual Studio 2005 Tools for Office Second Edition Runtime
VZAccess Manager
WebEx Productivity Tools
Windows Imaging Component
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows NT Messaging
Windows Presentation Foundation
Windows XP Service Pack 3
windows-desktop-langs
WinZip 11.1
zencore-agent-langs
zennotifyicon-langs
ZENworks Action Handlers
ZENworks Actions
ZENworks Agent Bundle Management
ZENworks Agent Core Modules
ZENworks Agent Inventory Management
ZENworks Agent Policy Management
ZENworks Agent WinProxy Module
ZENworks Content Distribution Point
ZENworks Extensions Libraries
ZENworks Image-Safe Data Agent
ZENworks Information Icon
ZENworks Policy Handlers
ZENworks Primary Agent
ZENworks Remote Management
ZENworks Uninstaller
ZENworks User Management
ZENworks Windows UI

Thanks for your help,
R. Moon
randymks
Active Member
 
Posts: 2
Joined: August 28th, 2010, 1:34 am
Advertisement
Register to Remove

Re: Need Help with Malware Removal

Unread postby randymks » August 28th, 2010, 9:10 am

Please disregard this posting. I managed to successfully clean the viruses today. Thanks for providing this forum.
R. Moon
randymks
Active Member
 
Posts: 2
Joined: August 28th, 2010, 1:34 am

Re: Need Help with Malware Removal

Unread postby NonSuch » August 28th, 2010, 11:37 pm

As this issue appears to be resolved, this topic is now closed.

You can help support this site from this link :
Donations For Malware Removal
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27302
Joined: February 23rd, 2005, 7:08 am
Location: California


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 29 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware