Unknown Spyware

I have copied and completed the 4 steps in the 'How to' removal (35407), the HSA (38772) removal and the HJT tutorial (38752). I deleted a few lines I didn't recognize in HijackThis but nothing seems to help.

A McAfee update popup appears 3 times on boot, and either the viruscan or firewall is disabled. Outgoing messages are no longer being checked for viruses.

Quicken files are missing back to 2004 and now the program opens to a new setup screen. I tried to restore from the backup CD but there is a file missing. Other data (NAIC Prospector) also reverted to 2004 data and restore said successful, but the files were dated 2004 and had been updated in July.

I had a difficult time using the XP backup of files and settings on 7/30 and have not tried to restore these from the CD as the problems had already begun.

The Word cursor has changed to a much larger bold I beam.

Please help me, I teach computer classes to the disabled and my system is sick!! Thanks.

 

Thanks Chaslang. I'm not sure that this is good, but it's the only place I could find an attachment link. Thanks for the help, Mary

 

Hi Chaslang, the first step was to disable System Restore, I did do this, and don't remember enabling it since I don't want to restore to a problem. I will remove and reinstall the McAfee products. I will also run SpySweeper again, and remove Tea Timer for the options list if I can. Should I repost afterwards? Thanks.

 

Chaslang, Spy Sweeper found nothing, Spybot had two finds of 'Windows Security Center antivirus disability notify' that I deleted. This has appeared and been deleted before. Thanks.

 

Chaslang, system restore was disabled when I checked, I do not have the files listed in step 2, hidden files and folders and extensions was enabled, and I re-downloaded and updated all the tools. I booted to safe mode and scanned with Bitdefender (no problems) and RavAntivirus (0 infected), then ran McAfee Stinger (205309 clean files).

Still in safe mode, I cleaned the hard drive with ccleaner according to the instructions, ran AdAware SE and Spybot (without TeaTimer). Spybot found 2 examples of 'Windows Security Center antivirusdisabilitynotify' which it removed (again). HSRemove always deletes 8 items when I run it.Then I ran all the others with no findings.

I also re-ran HijackThis from Programs and saved the log. I ran all the other tools on the list. a-squared found nothing, Avast found 'Micorsoft SQL server\MSSQL $Microsoft FTBCM/Data/Master Ldf and MDF', and Windows\System 32\catroot2\edb log and tmp.edb.

I couldn't run ADS Spy as I had an error message that it needed NTFS. I believe I am running Sun Java as I have followed the instructions in step 5. Let me know if you want the HiajckThis log.

Thanks.

 

Chaslang, are PMs Personal Messages? Am I supposed to be posting to the Software Forum? I have attached the log.

 

I am glad that the log is clean, but that does not explain why my Quicken files since November 2004 have disappeared, as did recent Excel files. There may be others I haven't discovered. It's like the firewall or something else has set a date block. I have manually uninstalled and reinstalled the McAfee Firewall and Virusscan, I think I'll call Quicken to see what they say. May I enable restore again and then restore my last backup of files and settings? Thanks for the help.