We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
Help please - can't remove Personal Antivirus and Mcafee won't update
Comments
-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-20 5674352]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-14 39264]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2006-02-28 44544]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1997-7-31 111376]
Office Startup.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1997-7-31 51984]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-23 00:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\1184763857\\ee\\aolsoftware.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-04-28 7408]
S1 aswSP;avast! Self Protection; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-04-28 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-04-28 72944]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-04 13592]
--- Other Services/Drivers In Memory ---
*Deregistered* - ATWPKT2
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44edf72e-ea0b-11dd-99a0-00038a000015}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44edf732-ea0b-11dd-99a0-00038a000015}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{89df1c9f-dd0c-11dc-9896-00038a000015}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{89df1ca3-dd0c-11dc-9896-00038a000015}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c9f16ce0-4d39-11dd-98e2-00038a000015}]
\Shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c9f16ce1-4d39-11dd-98e2-00038a000015}]
\Shell\AutoRun\command - F:\AutoRun.exe
.
Contents of the 'Scheduled Tasks' folder
2009-04-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-30 00:34]
2009-05-04 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 07:20]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.facebook.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s
IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta
TCP: {193AD1D4-F7CF-4269-8916-C026ECFC39F5} = 205.188.146.145
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-03 13:33
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
- - - - - - - > 'winlogon.exe'(612)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Completion time: 2009-05-04 13:35
ComboFix-quarantined-files.txt 2009-05-04 01:35
ComboFix2.txt 2009-05-03 03:39
ComboFix3.txt 2009-05-03 01:37
Pre-Run: 7,408,046,080 bytes free
Post-Run: 7,539,261,440 bytes free
244 --- E O F --- 2009-05-01 21:15(Angus is my dog, not me ...)
0 -
I did the malwarebyte scan after the combofix as you said and it came back with no suspicious items found.
Does that mean we're nearly there?
(Angus is my dog, not me ...)0 -
Limewire is a downloading program (usually used to download copyrighted content such as chart music). But plenty of files have trojans etc in too so my advice is to remove it yes (Aside from the fact that if the police or whoever are taking note you could end up in court)
And yes ~ id say your systems clean now
These are not needed but the following 2 programs are good for a general cleanup (computer generally runs a little quicker after using them)
Download CCLEANER (Make sure you click 'DOWNLOAD LATEST VERSION' ~ make sure YAHOO TOOLBAR is unticked on installation)
http://www.filehippo.com/download_ccleaner/
Run the CLEANER scan (UNTICK 'cookies')
Then run the REGISTRY scan (Backup the registry when it asks)
reboot
Download GLARY UTILITIES (Make sure you click 'DOWNLOAD NOW' ~ UNTICK the ASK toolbar on installation)
http://www.download.com/Glary-Utilities/3000-2094_4-10508531.html
Run the ONE CLICK scan:idea:0 -
Hi alienrik, thank you so much for all your help and patience. Really appreciate the time you gave. :A
I'll remove limewire and do as you suggest regarding keeping the computer clean.
Should I also keep the superantispyware program and run that regularly?
Thanks again(Angus is my dog, not me ...)0 -
Id suggest AGAINT glary utilities actually as somones reported a problem with it just today
Id suggest keeping Malwarebytes and Dupersntispyware:idea:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 348.9K Banking & Borrowing
- 252.4K Reduce Debt & Boost Income
- 452.7K Spending & Discounts
- 241.8K Work, Benefits & Business
- 618.4K Mortgages, Homes & Bills
- 176K Life & Family
- 254.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards