How to delete remains of antivirus program [Solved/Closed]

- - Latest reply: Ambucias
Posts
51374
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
December 11, 2019
- Mar 14, 2010 at 02:43 PM
Hello,firstly this windows 7 install many antivirus,so i uninstall it,then go program files delete,program data,and appdata folder then clear its registry using ccleaner,then go to regedit to find it,then go to folder name call windows,system32,drivers to delete i find it by scrolling down seeing its date,i search for 2010 than make sure it is the antivirus driver then i delete the driver file,but there is any other ways to delte it complety?help
See more 

9 replies

0
Thank you
and i am lazy now,using hijackthis to remove a wensite ambucias warn me and a bho no file but which antivirus good,i feel like now all the antivrus are crap!!!!!!!!!!!!
Posts
51374
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
December 11, 2019
13496
0
Thank you
Hello Sumana,

You are back!

I'am not sure I quite understand your problem. Do you have another Virus?

Explain a little more.

Please Sumana, send me another Hyjackthis log and I will see what I can do for you.
hello my friend nice to see u back too,my queastion is how to remove ALL THE FILES AND REMAINS OF ANTIVIRUS INCLUDING REGISTRY AND DRIVERS,AND THE FOLDER PROGRAM DATA AND APPLICATION DATA,and i am still stuck on antivirus which one i should use? this is a hijackthis log Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:21:15 PM, on 13/3/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Microsoft Office\Office14\OfficeSAS\officeSASscheduler.exe
C:\Users\Sudamma Soh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sudamma Soh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sudamma Soh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: OfficeSAS.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.kuaiche.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{47C1CDA4-311D-475B-BE9A-63CB257CCAFD}: NameServer = 202.188.0.133 202.188.1.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{47C1CDA4-311D-475B-BE9A-63CB257CCAFD}: NameServer = 202.188.0.133 202.188.1.5
O17 - HKLM\System\CS2\Services\Tcpip\..\{47C1CDA4-311D-475B-BE9A-63CB257CCAFD}: NameServer = 202.188.0.133 202.188.1.5
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\system32\urlmon.dll
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: mbox - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: mboxflash - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\system32\urlmon.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
Posts
51374
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
December 11, 2019
13496
0
Thank you
Hello Sumana,

Your Hyjackthis log looks fine, nothing to remove there.

But, I can't see your antivirus application! What happened?
i stuck with antivirus i think there some remains of antivirus on my computer but i already clear everything,recently i test out vipre but it make my comp cannot go on internet,but which antivirus is light,effective,and doesn slow download speed internet browsing and computer can u recommend one pls
Posts
51374
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
December 11, 2019
13496
0
Thank you
Sumana, as I told you before, no antivirus is perfect, the lighter one may not be as effective, the heavier ones have more functions and scanning engines. You seem to have almost tried them all. When on internet make sure that you don't have other applications running at the sametime. Also, once in a while, when things are getting slow, with CCleaner, clean your temporary internet files.

I am not 100% sure they are lighter, but a lot of people use Panda or Bitdefender. I use F-Secure but your certainly would not like it.

I had never heard about Vipre but if it does not let you go on Internet you may as well do without and stick with the known products.

As I said, when on the net, do not run other applications and clean your temp files when it is getting slow.

Ambucias
got other suggestions of free antivirus thx
sry to bother u again could u check this website wheter it is safe or not http://www.video2mp3.net/
Posts
51374
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
December 11, 2019
13496
0
Thank you
The link looks okay, I did not get any warning.

You may wish to read this for your choice of antivirus.

Remember, if you have a antivirus without a firewall, you will need to rely on your Windows firewall which is not 100% safe, I once got infected with a Windows firewall bypass.

http://ccm.net/faq/193-choose-the-best-antivirus.
u think it is good to use avira or bitdefnder free?
nvm,i think the best is avira personal i am using it now,comodo is very good,unfortunately it detected my game launcher game guard is a virus do i cannot use a other firewall instead of windows firewall,do avira slow internet download speed when scan?
Posts
51374
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
December 11, 2019
13496
0
Thank you
Hello,

When it is free, you don't get a firewall and I would not do without to prevent intrusions.
thx for advice but what i should do now?
Posts
51374
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
December 11, 2019
13496
0
Thank you
Sumana,

It is up to you to decide.

I remember telling you about Startuplite which prevents the running of unecessary applications from running in the background which helps to preserve your resources while playing games. Did you use StartupLite?

Also, I told you about CCleaner to clean your temporary files, once in a while during your game play, again to regain some resources.

You have a good fast machine with lots of RAM, so if you do the above, there is no reason why Kaspersky Internet Security should cause you any problems. Last year I had KIS and it worked fine for me.
thx for advice it really help bye ,ur my best friend
Posts
51374
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
December 11, 2019
13496
0
Thank you
Well you are my best friend too

Bye
Posts
51374
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
December 11, 2019
13496
0
Thank you
Hell Sumana,

I suggest that you become a member of Kioskea. In case of need, you could contact me directly rather than just asking another question in the hope that I see it.

Bye