Infected Laptop


  • macman
    macman Posts: 53,129 Forumite
    OK, here is the 3rd ComboFix log.
    Have removed Advanced System Optimizer.
    Running Dr Web next.

    ComboFix 10-04-08.02 - JanetteCarney 04/09/2010 14:47:04.4.1 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1526.1047 [GMT 1:00]
    Running from: c:\documents and settings\janettecarney\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\janettecarney\Desktop\CFScript.txt
    FILE ::
    "c:\windows\system32\sasnative32.exe"
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    .
    ((((((((((((((((((((((((( Files Created from 2010-03-09 to 2010-04-09 )))))))))))))))))))))))))))))))
    .
    2010-04-09 08:22 . 2010-04-09 08:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
    2010-04-09 07:00 . 2010-04-09 07:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
    2010-04-08 17:58 . 2010-04-08 18:04 -------- d-----w- c:\windows\ie8updates
    2010-04-08 17:51 . 2010-02-25 06:24 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2010-04-08 17:51 . 2010-02-25 06:24 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2010-04-08 17:51 . 2010-02-25 06:24 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2010-04-08 17:51 . 2010-02-25 06:24 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2010-04-08 17:51 . 2010-02-25 06:24 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2010-04-08 17:31 . 2010-04-08 17:31 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
    2010-04-08 17:25 . 2010-04-08 17:25 -------- d-sh--w- c:\documents and settings\janettecarney\PrivacIE
    2010-04-08 17:14 . 2010-04-08 17:14 -------- d-sh--w- c:\documents and settings\janettecarney\IETldCache
    2010-04-08 16:45 . 2010-04-08 16:48 -------- dc-h--w- c:\windows\ie8
    2010-04-08 16:21 . 2010-04-08 16:21 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2010-04-08 16:19 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
    2010-04-08 16:18 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
    2010-04-08 16:15 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
    2010-04-08 16:15 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
    2010-04-08 16:15 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
    2010-04-08 16:11 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
    2010-04-08 16:09 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
    2010-04-08 16:06 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
    2010-04-08 16:06 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
    2010-04-08 16:06 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
    2010-04-08 16:06 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
    2010-04-08 16:06 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
    2010-04-08 16:06 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
    2010-04-08 16:06 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
    2010-04-08 16:06 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
    2010-04-08 16:06 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
    2010-04-08 16:05 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
    2010-04-08 16:05 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
    2010-04-08 14:20 . 2010-04-09 07:30 -------- d-----w- C:\QUARANTINE
    2010-04-08 13:14 . 2010-04-08 13:14 -------- d-----w- c:\windows\system32\scripting
    2010-04-08 13:14 . 2010-04-08 13:14 -------- d-----w- c:\windows\l2schemas
    2010-04-08 13:14 . 2010-04-08 13:14 -------- d-----w- c:\windows\system32\en
    2010-04-08 13:14 . 2010-04-08 13:14 -------- d-----w- c:\windows\system32\bits
    2010-04-08 13:09 . 2010-04-08 13:15 -------- d-----w- c:\windows\ServicePackFiles
    2010-04-08 12:44 . 2008-04-14 00:12 276992 ------w- c:\windows\system32\wmphoto.dll
    2010-04-08 12:42 . 2008-04-14 00:12 76800 ------w- c:\windows\system32\qutil.dll
    2010-04-08 12:41 . 2008-04-14 00:12 33792 ------w- c:\windows\system32\mmcperf.exe
    2010-04-08 12:40 . 2008-04-14 00:11 32285 ------w- c:\windows\system32\hsfcisp2.dll
    2010-04-08 12:39 . 2008-04-14 00:11 136192 ------w- c:\windows\system32\aaclient.dll
    2010-04-08 11:49 . 2010-04-08 11:49 -------- d-----w- c:\program files\TrendMicro
    2010-04-08 11:32 . 2010-04-08 11:32 -------- d-----w- c:\program files\Common Files\Logitech
    2010-04-08 11:30 . 2010-04-08 11:30 -------- d-----w- c:\documents and settings\janettecarney\Local Settings\Application Data\Downloaded Installations
    2010-04-08 09:12 . 2010-04-08 09:12 -------- d-----w- c:\documents and settings\janettecarney\Application Data\Malwarebytes
    2010-04-08 09:11 . 2010-03-29 14:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-04-08 09:11 . 2010-04-08 09:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-04-08 09:11 . 2010-03-29 14:24 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-04-08 09:11 . 2010-04-08 09:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-04-08 08:30 . 2010-04-08 08:30 -------- d-----w- c:\program files\CCleaner
    2010-04-04 16:02 . 2010-04-09 12:56 -------- d-----w- c:\documents and settings\janettecarney\Application Data\Systweak
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-09 12:45 . 2009-04-21 21:44 -------- d-----w- c:\documents and settings\janettecarney\Application Data\Skype
    2010-04-08 17:25 . 2007-02-07 13:13 23768 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-04-08 13:20 . 2005-09-08 13:39 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2010-04-08 11:49 . 2010-04-08 11:49 388096 ----a-r- c:\documents and settings\janettecarney\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
    2010-04-04 16:51 . 2007-06-18 13:47 -------- d-----w- c:\documents and settings\janettecarney\Application Data\Image Zone Express
    2010-03-29 18:53 . 2009-04-21 21:49 -------- d-----w- c:\documents and settings\janettecarney\Application Data\skypePM
    2010-03-08 14:48 . 2005-09-09 05:42 -------- d-----w- c:\program files\Citrix
    2010-03-08 14:47 . 2010-03-08 14:47 70984 ----a-w- c:\documents and settings\janettecarney\g2mdlhlpx.exe
    2010-03-08 14:40 . 2009-04-21 21:43 -------- d-----r- c:\program files\Skype
    2010-03-08 14:40 . 2010-03-08 14:40 -------- d-----w- c:\program files\Common Files\Skype
    2010-03-08 14:40 . 2009-04-21 21:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
    2010-03-01 13:00 . 2007-08-01 08:05 -------- d-----w- c:\program files\HOTALBUMMyBOX
    2010-03-01 12:43 . 2010-03-01 12:43 390528 ----a-w- c:\windows\system32\drivers\RapportBuka.sys
    2010-03-01 12:43 . 2010-03-01 12:43 390528 ----a-w- c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportBukaBroom\13897\RapportBuka.sys
    2010-03-01 12:43 . 2010-03-01 12:43 249856 ----a-w- c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportBukaBroom\13897\RapportBukaBroom.dll
    2010-02-26 05:43 . 2010-02-26 05:43 81920 ------w- c:\windows\system32\ieencode.dll
    2010-02-25 06:24 . 2005-07-03 02:11 916480 ------w- c:\windows\system32\wininet.dll
    2010-02-11 15:15 . 2010-02-11 15:15 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Trusteer
    2010-02-11 12:32 . 2010-02-11 12:32 -------- d-----w- c:\documents and settings\LocalService\Application Data\Trusteer
    2010-02-11 11:48 . 2010-02-11 11:48 -------- d-----w- c:\documents and settings\janettecarney\Application Data\Trusteer
    2010-02-11 11:46 . 2010-02-11 11:46 -------- d-----w- c:\program files\Trusteer
    2010-02-11 11:42 . 2010-02-11 11:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Trusteer
    2004-08-04 03:00 . 2005-09-09 05:58 73728 --sha-w- c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-21 39408]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MBBalloon"="c:\program files\HOTALBUMMyBOX\MBBalloon.exe" [2006-12-15 787096]
    "McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\udaterui.exe" [2008-11-10 136512]
    "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
    "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
    "TalkTalk"="c:\program files\TalkTalk\bin\sprtcmd.exe" [2007-10-12 202016]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    MediaChecker.lnk - c:\program files\HOTALBUMMyBOX\MediaChecker.exe [2006-12-15 913560]
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{606427C1-E5F0-4001-832B-BD7DF391ECA7}"= "c:\windows\system32\wex4962\EMMeterHook760.dll" [2006-06-06 163840]
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BT Broadband Desktop Help.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BT Broadband Desktop Help.lnk
    backup=c:\windows\pss\BT Broadband Desktop Help.lnkCommon Startup
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
    2004-09-13 10:33 155648 ----a-w- c:\program files\Apoint\Apoint.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
    2001-09-19 09:20 245760 ----a-w- c:\windows\system32\atiptaxx.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
    2007-03-16 17:10 1392640 ----a-w- c:\windows\system32\WLTRAY.EXE
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    2004-04-26 07:04 53248 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EMMeter]
    2006-06-06 13:24 552960 ---ha-w- c:\windows\system32\wex4962\EMMeter.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2004-09-13 14:49 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
    2006-10-18 16:58 696320 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
    2006-10-18 17:04 802816 ----a-w- c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
    2008-11-10 16:00 136512 ----a-w- c:\program files\Network Associates\Common Framework\UdaterUI.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC]
    2005-08-06 17:45 974848 ----a-w- c:\program files\UltraVNC\winvnc.exe
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\Program Files\\UltraVNC\\winvnc.exe"=
    "c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
    "c:\\WINDOWS\\system32\\sessmgr.exe"=
    "c:\\Program Files\\TalkTalk\\agent\\bin\\bcont.exe"=
    "c:\\Program Files\\Common Files\\SupportSoft\\bin\\tgsrvc.exe"=
    "c:\\Program Files\\TalkTalk\\agent\\bin\\bcont_nm.exe"=
    "c:\\Program Files\\TalkTalk\\bin\\sprtcmd.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [8/1/2007 9:07 AM 15172]
    R1 RapportBuka;RapportBuka;c:\windows\system32\drivers\RapportBuka.sys [3/1/2010 1:43 PM 390528]
    R1 RapportKELL;RapportKELL;c:\program files\Trusteer\Rapport\bin\RapportKELL.sys [3/15/2010 1:47 PM 58984]
    R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [3/15/2010 1:47 PM 116328]
    R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [3/15/2010 1:47 PM 779496]
    R2 sprtsvc_TalkTalk;SupportSoft Sprocket Service (TalkTalk);c:\program files\TalkTalk\bin\sprtsvc.exe [10/12/2007 9:33 AM 202016]
    R2 tgsrvc_TalkTalk;SupportSoft Repair Service (TalkTalk);c:\program files\Common Files\SupportSoft\bin\tgsrvc.exe [8/2/2007 2:42 PM 148768]
    S3 ati2mpab;ati2mpab;c:\windows\system32\drivers\ati2mpab.sys [9/16/2005 10:13 PM 299776]
    S3 ati2mtai;ati2mtai;c:\windows\system32\drivers\ati2mtai.sys [9/16/2005 9:14 PM 346752]
    S3 atimtai;atimtai;c:\windows\system32\drivers\atimtai.sys [7/7/2003 11:03 PM 281600]
    S3 CBEN5;Xircom CardBus Ethernet 10/100 Adapter family;c:\windows\system32\drivers\cben5.sys [9/16/2005 9:40 PM 50498]
    S3 cwbmidi_device;Crystal WDM MPU-401 UART Driver;c:\windows\system32\drivers\cwbmidi.sys [9/16/2005 7:13 PM 3072]
    S3 cwbwdm_device;Crystal WDM Audio Codec Driver;c:\windows\system32\drivers\cwbwdm.sys [9/16/2005 7:12 PM 72832]
    S3 EL556;3Com 10/100 Mini PCI Ethernet Adapter NDIS 5.0 Driver;c:\windows\system32\drivers\EL556ND5.sys [7/7/2003 11:04 PM 58951]
    S3 EL556ND5;3Com 10/100 MiniPCI Ethernet Adapter Driver;c:\windows\system32\drivers\EL556ND5.sys [7/7/2003 11:04 PM 58951]
    S3 maestro;ESS Maestro2E Audio Driver (WDM);c:\windows\system32\drivers\essm2e.sys [6/6/2002 1:22 PM 137088]
    S3 neo20xx;neo20xx;c:\windows\system32\drivers\neo20xx.sys [9/16/2005 9:39 PM 39264]
    S3 wdm_nm6;NeoMagic MagicMedia 256 + AC97 Driver (WDM);c:\windows\system32\drivers\nm6wdm.sys [9/16/2005 9:39 PM 87040]
    .
    .
    Supplementary Scan
    .
    uStart Page = hxxp://www.aol.co.uk/talktalk
    mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
    uInternet Connection Wizard,ShellNext = hxxp://www.dell.co.uk/
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    IE: Search with Wanadoo - c:\progra~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    .
    **************************************************************************
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-09 15:05
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden autostart entries ...
    scanning hidden files ...
    scan completed successfully
    hidden files: 0
    **************************************************************************
    .
    LOCKED REGISTRY KEYS
    [HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
    .
    DLLs Loaded Under Running Processes
    - - - - - - - > 'explorer.exe'(9388)
    c:\windows\system32\WININET.dll
    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    c:\program files\Trusteer\Rapport\bin\rooksbas.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    .
    Other Running Processes
    .
    c:\program files\Intel\Wireless\Bin\EvtEng.exe
    c:\program files\Intel\Wireless\Bin\S24EvMon.exe
    c:\program files\Intel\Wireless\Bin\WLKeeper.exe
    c:\windows\System32\WLTRYSVC.EXE
    c:\windows\System32\bcmwltry.exe
    c:\windows\System32\SCardSvr.exe
    c:\program files\Cisco Systems\VPN Client\cvpnd.exe
    c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    c:\program files\Network Associates\Common Framework\FrameworkService.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\windows\system32\HPZipm12.exe
    c:\program files\Intel\Wireless\Bin\RegSrvc.exe
    c:\program files\Network Associates\Common Framework\naPrdMgr.exe
    c:\windows\system32\wdfmgr.exe
    c:\program files\Citrix\ICA Client\ssonsvr.exe
    c:\windows\system32\msiexec.exe
    .
    **************************************************************************
    .
    Completion time: 2010-04-09 15:12:00 - machine was rebooted
    ComboFix-quarantined-files.txt 2010-04-09 14:11
    ComboFix2.txt 2010-04-09 07:59
    ComboFix3.txt 2010-04-08 15:07
    Pre-Run: 17,654,845,440 bytes free
    Post-Run: 17,705,816,064 bytes free
    - - End Of File - - AB4D04C3D0969BD1A72BAC99DEADF247
    No free lunch, and no free laptop ;)
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Apologies (I'm pretty tired today)

    This needs removing too ~
    c:\documents and settings\janettecarney\g2mdlhlpx.exe
    :idea:
  • macman
    macman Posts: 53,129 Forumite
    Just delete that manually RIK?
    No free lunch, and no free laptop ;)
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Use a notepad file with combofix or ~
    Open malwarebytes
    Go to MORE TOOLS
    then RUN TOOL
    :idea:
  • macman
    macman Posts: 53,129 Forumite
    Already deleted it manually I'm afraid - it didn't put up a struggle though.
    Dr Web full scan about 70% through, do I 'Cure' everything it finds?
    Seems to think a TalkTalk file (legit I think) is DLOADER trojan?
    No free lunch, and no free laptop ;)
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    I tend to try cure first, then MOVE 2nd (quarantine)

    If you think it's legit then let it be

    Just bear in mind the computer's definitely had some nasty trojans
    :idea:
  • macman
    macman Posts: 53,129 Forumite
    Thanks, will post Dr Web log when it's done (still scanning). Hope that will be it.
    No free lunch, and no free laptop ;)
  • macman
    macman Posts: 53,129 Forumite
    OK, have moved the 5 things that Dr Web found.
    No free lunch, and no free laptop ;)
  • macman
    macman Posts: 53,129 Forumite
    RIK, the issue now is that I can't remove the program referred to in post 9, despite trying what was suggested on the link you included. Seems to be a problem with Windows Installer, as when I now try to uninstall anything (trying to remove McAfee) this pops up and tells me that another instance is already running - which is the one relating to 'Express Software manager Client'. The system keeps looking for the files to reinstall this software, which it can't find, and then says it can't continue.
    Have removed McAfee Viruscan, but there is another program called McAfee Agent/McAfee Enterprise still running. I can't work out how to disable this so that I can try to uninstall it. The McAfee Removal Tool won't do it.
    No free lunch, and no free laptop ;)
  • enigma52
    enigma52 Posts: 642 Forumite
    Google "remove/delete Express Software Manager Client". The removal procedure apparently is manual method only. I did it once for a client and it is a bit involved. I had it bookmarked at one time but it's got discarded since I upgraded to Win 7. Can't you stop it starting by using msconfig?
This discussion has been closed.