Jump to content


Photo

Hold my hand...


  • Please log in to reply
7 replies to this topic

#1 glaufman

glaufman

    Active Member

  • Active Members
  • 26 posts

Posted 06 July 2009 - 08:47 PM

Hi. My wife complained her computer was running real slow, so I started taking a look...
I started with a virus scan. The definitions are 5 mos out of date. This is McAfee, which we supposedly get a free subscription to through her work as she logs on from home. Anyway, it won't update the definitions.
Adaware won't run.
I managed to boot into safe mode w/ networking, and ran CA's online scanner. It came up with a number of threats of varying levels, most of which are in the registry. But there's no info on wha tto do with this info (that I can find).

At the top of CAs list was some cookies, so I started by deleting all her cookies and other browsing history.
Next on the CA list were a number of things such as Bonzibuddy and lycossearch and webbar that it gave registry locations for. So I went into regedit and started deleting the entries one by one, but by the second one I realized what I was doing was probably pretty dangerous.

So I don't know where to go from here. Short of purchasing a new AV program etc (I would feel cheated since we're supposed to have McAfee)... if CA connected a registry entry to a threat, is it ok to delete that entry?

Right now I have McAfee scanning for viruses, but at 5 mos out of date, I wouldn't be surprised if it came up with nothing. Frankly, I wouldn't be surprised if there isn't a virus, and this is all due to other malware, but I'm not sure what I'm supposed to do now.

Please hold my hand through this, and hopefully, teach me something so next time I don't have to ask for help...

#2 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 36,503 posts

Posted 06 July 2009 - 11:57 PM

Hi glaufman; Welcome to GSF hello.gif ; Let's start here -

The McAfee Engine 5100 is not supported since January 2008; maybe the machine has the old version/engine, and it no longer updates. If so, remove it following McAfee's directions here
http://service.mcafe...spx?id=TS100507

RevoUninstaller is very helpful as it will do a good cleanup of left over files, and there is a portable version that doesn't even require full install.
http://www.revounins...e_download.html

If you wish to stay with McAfee get a current version.
There are also several free, good Antivirus/Antispyware...
Avira
AVG
Avast

or you might want to look at Comodo Internet Security because it has HIPS included
(host intrustion prevention...far more important than an AV intoday's web environment.)

Always take your time installing software and look for any other bundled software, such as yahoo, google, ask toolbars, etc and uncheck the option boxes because it's just not needed!


Please drop into our Malware Cleanup forum and let our Expert help you clean up that machine!
http://gladiator-ant...p?showforum=170

#3 glaufman

glaufman

    Active Member

  • Active Members
  • 26 posts

Posted 07 July 2009 - 12:02 AM

QUOTE (Chachazz @ Jul 6 2009, 07:57 PM) <{POST_SNAPBACK}>
Hi glaufman; Welcome to GSF hello.gif ; Let's start here -

The McAfee Engine 5100 is not supported since January 2008; maybe the machine has the old version/engine. If so, remove it following McAfee's directions here
http://service.mcafe...spx?id=TS100507

RevoUninstaller is very helpful as it will do a good cleanup of left over files, and there is a portable version that doesn't even require full install.
http://www.revounins...e_download.html

Well, that's certainly good info. Thanks! Now I'm pissed at my wife's employer for not keeping us up to date. In the meantime, I've gone and run another of the online scanners, from AHN, that picked up ndnuninstall in 7 copies of 3 flavors... it wouldn't remove it, but it told me where it was and I deleted it manually... machine is rebooting now...

#4 glaufman

glaufman

    Active Member

  • Active Members
  • 26 posts

Posted 07 July 2009 - 12:04 AM

My ISP offers a free license for CA... I'm running it on my laptop, so I'm kinda familiar with it... is it considered any good?

#5 glaufman

glaufman

    Active Member

  • Active Members
  • 26 posts

Posted 07 July 2009 - 12:05 AM

It claims its engine 5300... is that still supported?

Edited by glaufman, 07 July 2009 - 12:15 AM.


#6 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 36,503 posts

Posted 07 July 2009 - 12:30 AM

Yes, 5300 is current..so what's keeping it from updating?

Your system may likely experience conflicts with multiple AV products,.. McAfee and CA are both adequate..it's best to choose one, and remove the other.

Check into our Malware Cleanup forum..they'll help you 'clean up':
http://gladiator-ant...p?showforum=170

#7 glaufman

glaufman

    Active Member

  • Active Members
  • 26 posts

Posted 07 July 2009 - 12:43 AM

This machine is only running McAfee right now... not sure what's preventing the update... it's scheduled to do it at startup, but it failed. I ran it manually, and it said it was successful, but when I try and do a scan it says it's out of date.



#8 glaufman

glaufman

    Active Member

  • Active Members
  • 26 posts

Posted 07 July 2009 - 01:54 AM

Well, looks like I managed to manually download the update to another moachine, transfer it over with a thumbdrive, and install it manually... I'm now at DAT 5668 and running a scan now to see what it comes up with.