JerryRecords
2006-11-30, 21:42
Yea, i know, someone might tell me to go to the mcafee forum and post this, but this also leads to some results i found in SpyBot S&R Version 4.1
Recently I had run CCleaner, and i've noticed some of the startup items were renamed with some upper case letters, and their names were looking a little weird. Also, i've noticed the same names when i ran spybot. Some of these same files were renamed also, they're mostly from McAfee, and one from Yahoo Messenger (Yahoo Pager).
1. mcagent.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe -regserver
2. mclogsrv.exe
c:\PROGRA~1\mcafee\msc\mclogsrv.exe -regserver
3. McENUI
c:\PROGRA~1\mcafee\MSK\MskAgent.exe
4. C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
5. C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
6. c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
7. c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
8. C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
9. C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
10. Yahoo Pager
C:\PROGRA~1\Yahoo!~1\YAHOOM~1.EXE
I tried blocking these entries because i thought they were infected. So, i did, then deleting some of these entries made the McAfee Privacy Service from malfunction. Everytime I booted my system up, the Tea Timer.exe from SpyBot would block mcagent.exe and some other .exe file. Therefore the red x icon would show up on the taskbar, stating my computer wasn't fully protected. I tried the fix button and nothing happened until i clicked the update icon. So, i went to the tea timer "settings" tab, and i unchecked the mcagent.exe file off the blocked list. so not it allowed the privacy service to fully install.
Now my only problem is the renamed files.
Ever since i've got the system, bout a year ago. It tried running some sort of program in the taskbar. You could see some activity on the taskbar like a black program tried to open. My thoughts would be it was something running in the background. This got worst within time, and now it locks up my system, it freezes my windows, and i could click nothin. All it does is makes a sound like if you pressed many keys all at once, simultaneously. I've also noticed in the taskbar many processes doubling up, using alot of CPU, and perhaps eating up my memory. I tried various utilities, Spybot Search & Destroy, McAfee Total Protection, a previous Symantec Antivitus (It's now unstalled, because their .exe file was renamed also, and i got mcafee instead thinking it would work), SpyDoctor (also had renamed .exe files), SpySweeper (does not detect anything), System Mechanic Pro 6 (no antivirus or firewall installed), and Yahoo AntiSpy.
None of these programs would have any hits except for SpyBot Search & Destroy 4.1. It came up with:
antivirus "disable notify", or "override". I try fixing some of the problems, and it fixes them. After I reboot the system, i encounter the same errors only tho, i try running spybot again, and it does not return any hits. Why?
Is there anytthing i can do to take care of the renamed files? The yahoo, mcafee and some other local administrator files keep being infected.
-------------------SpyBot Search & Destroy Results Ver. 4.1------------------
--- Search result list ---
Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
Microsoft.WindowsSecurityCenter.FirewallDisableNotify: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
---------------------------------------------------------------------
Also, i did not disable the antivirus or firewall myself. I have re-imaged my system 7 times already, and everytime i've connected back to the internet to get the updates, i got infected again. This happened whenever i tried getting my utility programs again.
Here is my computer info. Hope this is useful, and someone could help me! I'm really tired of posting this somewhere else.
Operating System: Windows XP Pro.
Memory: 504 MB RAM
Don't and haven't had any other operating system.
File System: NTFS
Broadband: MOdem
McAfee:
Security Center
Version: 7.1
Build: 7.1.134
VirusScan
Build: 11.1.124
Dat Version: 4906.0000
Engine Version: 5100.0194
Personal Firewall
Version: 8.1
Build: 8.1.123
Site Advisor:
Version: 2.1
Build: 2.1.4608
SpamKiller:
Version: 8.1
Build: 8.1.117
Content Version: 8.0.179.0
Privacy Service:
Vesion: 9.1
Build: 9.1.130
Wireless Network Security:
Version: 2.1
Build: 2.1.123
Easy Network:
Version: 1.1
Build: 1.1.110
Data Backup:
Version: 1.1
Build: 1.1.121
Recently I had run CCleaner, and i've noticed some of the startup items were renamed with some upper case letters, and their names were looking a little weird. Also, i've noticed the same names when i ran spybot. Some of these same files were renamed also, they're mostly from McAfee, and one from Yahoo Messenger (Yahoo Pager).
1. mcagent.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe -regserver
2. mclogsrv.exe
c:\PROGRA~1\mcafee\msc\mclogsrv.exe -regserver
3. McENUI
c:\PROGRA~1\mcafee\MSK\MskAgent.exe
4. C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
5. C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
6. c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
7. c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
8. C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
9. C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
10. Yahoo Pager
C:\PROGRA~1\Yahoo!~1\YAHOOM~1.EXE
I tried blocking these entries because i thought they were infected. So, i did, then deleting some of these entries made the McAfee Privacy Service from malfunction. Everytime I booted my system up, the Tea Timer.exe from SpyBot would block mcagent.exe and some other .exe file. Therefore the red x icon would show up on the taskbar, stating my computer wasn't fully protected. I tried the fix button and nothing happened until i clicked the update icon. So, i went to the tea timer "settings" tab, and i unchecked the mcagent.exe file off the blocked list. so not it allowed the privacy service to fully install.
Now my only problem is the renamed files.
Ever since i've got the system, bout a year ago. It tried running some sort of program in the taskbar. You could see some activity on the taskbar like a black program tried to open. My thoughts would be it was something running in the background. This got worst within time, and now it locks up my system, it freezes my windows, and i could click nothin. All it does is makes a sound like if you pressed many keys all at once, simultaneously. I've also noticed in the taskbar many processes doubling up, using alot of CPU, and perhaps eating up my memory. I tried various utilities, Spybot Search & Destroy, McAfee Total Protection, a previous Symantec Antivitus (It's now unstalled, because their .exe file was renamed also, and i got mcafee instead thinking it would work), SpyDoctor (also had renamed .exe files), SpySweeper (does not detect anything), System Mechanic Pro 6 (no antivirus or firewall installed), and Yahoo AntiSpy.
None of these programs would have any hits except for SpyBot Search & Destroy 4.1. It came up with:
antivirus "disable notify", or "override". I try fixing some of the problems, and it fixes them. After I reboot the system, i encounter the same errors only tho, i try running spybot again, and it does not return any hits. Why?
Is there anytthing i can do to take care of the renamed files? The yahoo, mcafee and some other local administrator files keep being infected.
-------------------SpyBot Search & Destroy Results Ver. 4.1------------------
--- Search result list ---
Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
Microsoft.WindowsSecurityCenter.FirewallDisableNotify: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
---------------------------------------------------------------------
Also, i did not disable the antivirus or firewall myself. I have re-imaged my system 7 times already, and everytime i've connected back to the internet to get the updates, i got infected again. This happened whenever i tried getting my utility programs again.
Here is my computer info. Hope this is useful, and someone could help me! I'm really tired of posting this somewhere else.
Operating System: Windows XP Pro.
Memory: 504 MB RAM
Don't and haven't had any other operating system.
File System: NTFS
Broadband: MOdem
McAfee:
Security Center
Version: 7.1
Build: 7.1.134
VirusScan
Build: 11.1.124
Dat Version: 4906.0000
Engine Version: 5100.0194
Personal Firewall
Version: 8.1
Build: 8.1.123
Site Advisor:
Version: 2.1
Build: 2.1.4608
SpamKiller:
Version: 8.1
Build: 8.1.117
Content Version: 8.0.179.0
Privacy Service:
Vesion: 9.1
Build: 9.1.130
Wireless Network Security:
Version: 2.1
Build: 2.1.123
Easy Network:
Version: 1.1
Build: 1.1.110
Data Backup:
Version: 1.1
Build: 1.1.121