mcafee Vs hjt (to start with)

Status
Not open for further replies.
N

nick.dude3

Posts: 6   +0
Hi all,

I was looking through the threads on slow running pc's for ideas on what my issue may be. I have had a 2 week lapse in renewing my AV (I know, I deserve everything I get) and my son has still been playing his online games and yesterday the pc started taking ages to boot up and to open programmes. everything seems to function ok when the programmes are open and there is no general sluggishness about the system, just this 'delay' in certain cases.

Anyway, I loaded my mcafee security centre last night and that hasnt found any problems. Having read through the forums here I began going through the recommended cleanup process but am having difficulty downloading hijackthis v2. I located and downloaded v1.99.1 with no problems but whenever v2 finishes downloading mcafee deletes it as a virus. I have tried downloading it from 2 different sources and get the same result. Does anyone have any idea whats going on? Im not even certain it is a virus/malware/spyware issue, but after reading some of these threads I now realise what a complete novice i am and how little I actually know.

Regards,
Nick
 
Hello and welcome to Techspot.

HijackThis_v2 is indeed the new version of HijackThis. I don`t know why McAfee is flagging it as a virus, when it clearly isn`t, this is obviously a false positive. You either need to tell McAfee to allow it, or temporarily turn McAfee off.

Post the HJT log as per these instructions HERE.

Regards Howard :)
 
reply

mcaffee is like one of our third party contacts here @work... It is mcaffee's job to check on that... if it says you need to upgrade and renew mcaffee you should do so... Just email me if you need contact numbers of pc manufacturers and anti virus software>>>> cyrillus_esp@hotmail.com<<<<<
the only advice I can give is have mcaffee check it out of maybe optimize the browser and check on the internet security properties and also the internet privacy settings....
 
Hi Howard,
Many thanks for your help so far. I went through the viruses/spyware/malware removal instructions once again. Housecall ran ok but seemed to stall when i told it to delete the infected files (there were quite a few, including 215 infections of the funwebproducts adware).
Moved on regardless and managed to download hjt v2 and changed the name ok. downloaded avg anti-spyware but the update would not run so I had a look at the manual download but am not sure where to save the AVG Anti-Spyware.lnk file.
Also, I have previously been unsuccessful when trying to download and install SS&D, and whilst loading mcafee IS suite 2007 2 days ago it told me I had to delete ad-aware SE personal. It has been a very long frustrating day!!

Regards,
Nick
 
Download the AVG Antispyware manual update from HERE. Double click the avg-signatures-full-current.exe to run the updates and follow the prompts.

Then post a fresh HJT log as well as an AVG Antispyware and Combofix logs.

Regards Howard :)
 
Hi Howard,
Well its taken a while but I finally have the hjt log. I have attached it along with the combofix and avg antispyware logs. The antirootkit scan found no rootkits. Not all of the tools I downloaded through the process worked properly though. Smitfraudfix opened what looked like a dos command prompt window but it was blank. Look2medestroyer was supposed to reopen after a minute but did nothing. Tried both several times but no change. Also, mcafee security centre would not open at all when the PC was in safe mode so did not complete virusscan, although it had run one when it was loaded recently.
The PC itself seems to be taking longer to boot up and is slower executing commands. Heres hoping you will have a solution.
Kind regards,
Nick
 
Your AVG Antispyware scan says "No Action taken" for all items. This is because you haven`t followed the instructions properly for using AVG Antispyware. You need to tell AVG Antispyware to quarantine it`s results. See HERE.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

Mywebsearch

Close control panel.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

mwsoemon.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: (no name) - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - (no file)

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSYYYYYYAZGB

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\PROGRA~1\MYWEBS~1<Delete the entire folder.

Reboot into normal mode and rehide your protected OS files.

Post a fresh HJT log as well as another AVG Antispyware log.

Regards Howard :)

This thread is for the use of nick.dude3 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Hi Howard,
Please find attached new HJT and AVG antispyware logs. The AVG log once again says no action taken, although I followed the instructions to the letter, as I was pretty sure I had the first time. I set it to quarantine the results prior to running the complete system scan. As I said previously I have had problems running several of the programs recommended in the Viruses-Spyware-Malware thread.
By the way I noticed the appearance of the Mywebsearch problem some months ago but I have not had any problems since just before contacting Techspot.
Best of luck. I hope you can help!!

Kind regards,
Nick
 
Please post a fresh HJT log from normal mode.

Locate and delete the following bold files and/or directories(if there).

C:\Program Files\Common Files\Real\WeatherBug<Delete the entire folder.

Regards Howard :)

This thread is for the use of nick.dude3 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Your HJT log is clean.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

Run the Ccleaner programme as per step9 of these instructions.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

This thread is for the use of nick.dude3 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.

Similar threads

D
Need help with a lenovo thinkvision showing power saving mode
Replies
6
Views
2K
Donutmuncher
D
yRaz
Opinion: AI is a lot closer to being conscious than many people predict and we need to talk about that.
Replies
0
Views
1K
yRaz
yRaz
yRaz
My current switch from Microsoft to Linux, de-googling my life and what it takes.
Replies
2
Views
2K
yRaz
yRaz

Latest posts

Back