security override

Discussion in 'Malware Help (A Specialist Will Reply)' started by edbo20, Dec 1, 2012.

  1. edbo20

    edbo20 Corporal

    This is for my personal PC.

    I ran a couple of different scans and a security center override pops up.

    Can you review my logs for me?
     

    Attached Files:

  2. edbo20

    edbo20 Corporal

    logs
     

    Attached Files:

  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Are you referring to the below line in your Spybot log?

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride

    If so, this is a normal/valid registry key. What DWORD value appears there is what is important on whether there is an override or not. Normal value is 0. You seem to have no value, which means the same as default, which is 0.

    Also the SAS log with the below shows the similar kind of non-issue for the DisableNotify value.

    The below junk in your log is an issue. Are you getting any popups anywhere from the Ammyy junk?
    O23 - Service: Ammyy Admin (AmmyyAdmin) - Unknown owner - C:\Documents and Settings\TODD EDWARDS\Local Settings\Temporary Internet Files\Content.IE5\JS72DKSG\AA_v2[1].exe
     
    Last edited: Dec 1, 2012
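
The kind of check applied to the O23 line in the post above, as an added example that is not part of the original thread: it parses HijackThis O23 service entries and flags any whose binary runs from a browser cache or temp directory, or whose owner is unknown. The directory list, the function names and all sample log lines are assumptions constructed for illustration (the first sample is modelled on the line quoted above, with placeholder user and cache folder names).

```python
import re

# HijackThis O23 entry: "O23 - Service: <display> (<name>) - <owner> - <path>"
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+) \((?P<name>[^()]+)\) - "
    r"(?P<owner>.+?) - (?P<path>[A-Za-z]:\\.+)$"
)

# Assumed list: directories a legitimate service binary should not run from.
SUSPECT_DIRS = (
    "\\temporary internet files\\",
    "\\local settings\\temp\\",
    "\\appdata\\local\\temp\\",
    "\\windows\\temp\\",
)

def parse_o23(line):
    """Return the fields of an O23 line as a dict, or None for other lines."""
    m = O23_RE.match(line.strip())
    return m.groupdict() if m else None

def review(lines):
    """Return (service name, [reasons]) for every O23 entry worth a closer look."""
    findings = []
    for line in lines:
        svc = parse_o23(line)
        if svc is None:
            continue  # not a service entry
        reasons = []
        path = svc["path"].lower()
        if any(d in path for d in SUSPECT_DIRS):
            reasons.append("binary in temp/cache directory")
        if svc["owner"].strip().lower() == "unknown owner":
            reasons.append("unknown owner")
        if reasons:
            findings.append((svc["name"], reasons))
    return findings

SAMPLE_LOG = [  # constructed sample lines, not taken from the attached logs
    r"O23 - Service: Ammyy Admin (AmmyyAdmin) - Unknown owner - C:\Documents and Settings\USER\Local Settings\Temporary Internet Files\Content.IE5\XXXXXXXX\AA_v2[1].exe",
    r"O23 - Service: Example Updater (ExampleUpd) - Example Corp - C:\Program Files\Example\upd.exe",
    r"O4 - HKLM\..\Run: [Example] C:\Program Files\Example\tray.exe",
]

if __name__ == "__main__":
    for name, reasons in review(SAMPLE_LOG):
        print(name, "->", "; ".join(reasons))
```

The name in parentheses is the service name, which is what `sc` commands take as their argument.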
  4. edbo20

    edbo20 Corporal

    Ammyy was used today to try and remove McAfee from this computer. I didn't realize it was another company. I thought it was McAfee.

    Can we remove it? Thanks
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    By who was it used?
     
  6. edbo20

    edbo20 Corporal

    A third party that I called to remove McAfee. I thought it was McAfee. It had McAfee in the address. They tried to sell me their service. I can't replicate it to find out who they were. They used Ammyy to access the computer.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  8. edbo20

    edbo20 Corporal

    It is my laptop and it has my company's security software on it. I don't like that in particular. I was going to try and remove it, but I might as well keep it. It's an XP machine and will be obsolete soon.

    I read the attached article. I didn't give any information but they did have control of the machine. Is there anything I can do from here?

    Thank you for helping.
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you want to remove McAfee, try using the below:

    McAfee Consumer Product Removal Tool

    To remove that Ammyy service, try this:

    Open a command prompt window by clicking Start, Run, and enter cmd and click OK. If the window opens type each of the below commands in. Follow each by the enter key. Note there are spaces after the sc and after the stop and after the delete.

    sc stop AmmyyAdmin
    sc delete AmmyyAdmin
     
