Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
2084 Views 3 Replies Latest reply: Apr 12, 2011 6:26 PM by djcavazos RSS
djcavazos Newcomer 2 posts since
Apr 8, 2011
Currently Being Moderated

Apr 8, 2011 6:08 PM

McAfee Antivirus Plus

I have a question I hope someone might be able to help. Is it possible for a valid version of McAfee Antivirus Plus to somehow become disabled, deleted, or configured differently by a smart hacker? I noticed on my Add or Remove Programs options in Windows XP it showed that I rarely ever use this program, but I have used it on a regular basis to my undestanding. I tried logging on McAfee Antivirus Plus but it prompts me that I have the wrong password and I only have one more try before it becomes disabled.

I requested the password reminder to be sent to my email address but I haven't received it. In order to get more information I would have to pay McAfee to speak to someone I found out recently online. I'm hoping that I can get some information or help here.

I see on my computer that there is a folder called Mcafee and another called Mcafee.com. On my McAfee Firewall settings it always enables a program called Generic Host Process for Win32 Services. I attempted to delete the program or somehow disable it to see if that could be malware, but I am not allowed to remove or change it.

I allowed an acquaintance to use a memory stick on my laptop to copy some videos I had and I have the feeling he installed some type of malicious program as well to gain access to my system.

To add complications, I bought one of those Android phones that is way too complicated for someone like myself.

I used the usb connection it came with because I wanted to save some pics and small files to my laptop. I transferred them but now see that my computer is showing an icon called "Iphone" . It is listed as a System File and when I open the "Iphone" icon, it shows "My Documents" and all the folders within it. I tried deleting it but it doesn't allow me to. I looked at my User Settings and it shows on my desktop folder, but it's not on there physically. It's listed under My Computer. I am afraid that this has given someone access to it since it seems to be placed in my Desktop when it was installed.

I am seriously thinking about starting over and getting a new laptop or deleting McAfee and starting over. but I really wish I could figure out if mine is infected before I spend alot of money I really don't have..

Thanks!!!

Daniel

  • Peacekeeper Volunteer Moderator 21,334 posts since
    Nov 23, 2002
    Currently Being Moderated
    1. Apr 9, 2011 5:19 AM (in response to djcavazos)
    Re: McAfee Antivirus Plus

    First see if you are infected. Do you really have to log onto Mcafee really all you need to do is click on the Shield and open it and scan your PC once Mcafee updated.

     

    Run MCPR that will remove mcafee then reinstall it

    http://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS100507

     

    Before reinstalling check if you are infected

    Run the free Mcafee Stinger program from http://vil.nai.com/vil/stinger/ -

     

    Download here latest version of getsusp https://community.mcafee.com/thread/32269

    Before you use Getsusp, you should go to this document

    https://community.mcafee.com/docs/DOC-1323

    and download the PDF file explaining what Getsusp is and how it works, and this document

    https://community.mcafee.com/docs/DOC-1761

    which downloads the installation guide PDF document. Ensure you note what it finds re suspicious and unknown program and add your email address to the preferences.

     

    If you want a second opinion, or to be on the safe side, then you can do a scan with the free versions of these tools :

    Malwarebytes and SuperAntiSpyware

     

    If you already have Malwarebytes installed, the virus could be protecting itself against it. In that case, in order to get Malwarebytes running you'll need to rename the executable. Open theC:\Program Files\Malwarebytes Antimalware folder, then rename the "mbam.exe" file and double-click directly on the file to open the program. After updating the program, run a full system scan usingMalwarebytes.

     

    Make sure both programs are updated to the latest versions before running them and let them clean anything they find. If they quarantine a file or fail to remove a file try to get a copy of itand send it to Mcafee using the virus submission path described here :

     

    Send the file to mcafee labs at http://vil.nai.com/vil/submit-sample.aspx

     

    Message was edited by: Peacekeeper on 9/04/11 8:19:11 PM

    Tony
    Volunteer Moderator
    Mcafee Total Protection 7.0 beta, Windows 8 64bit
    No Unrequested PMs please
    Do you have an idea for improving McAfee products? Please share it in the new Ideas community space!  NOTE: You must register an account first.

  • paullotion Apprentice 8,078 posts since
    Apr 13, 2006
    Currently Being Moderated
    2. Apr 9, 2011 5:14 AM (in response to djcavazos)
    Re: McAfee Antivirus Plus

    Hello -

     

    Malicious files allowed to run on your system can delete and or uninstall your antivirus, you don`t need a hacker to do it.

     

    As to add/remove, i have the same thing on my system - pay no attention to it.

    Leave the two mcafee folders installed, this is quite normal.

    As too Generic Host Process for Win32 Services, leave that alone as well, it is required by certain programmes/process - without it you may not be able to connect to the internet. Also never try and delete something unless you know what it is.

     

    I doubt very much your friend installed malware onto your system.

     

    If you bought an iPhone then i would expect to see an iPhone folder on your system, again nothing malicious  there.


    The Black Bear

    *Important News for BT/TalkTalk customers*

    BT/TalkTalk dump Phorm spyware, for more information see this article Here , also visit the NODPI website for much more information relating to DPI.

More Like This

  • Retrieving data ...

Bookmarked By (1)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points