2 Replies Latest reply on Dec 6, 2009 7:36 PM by AustinGuy

    McAfee Scan Detects 0, But Norton Finds 2 Viruses: Infostealer.Gampass & Bloodhound.Exploit.196

      I'm trying to fix my Mother's computer.  She has paid for McAfee SecurityCenter (which is up-to-date) and when I run a scan on all files, it detects nothing.  However I went online and ran a free Norton scan, and it found 2 viruses in 3 files:

       

      C:\WINDOWS\system32\arexloev.dll is infected with Infostealer.Gampass

       

      C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\9G6IIAJZ\drvw[1].pdf is infected with Bloodhound.Exploit.196

       

      C:\Documents and Settings\Owner\Local Settings\Temp\Acr6EB8.tmp is infected with Bloodhound.Exploit.196

       

      I assume that one of these is the reason that google search links are being hijacked.

       

      I've even gone to those files in Windows Explorer and scanned them with McAfee SecurityCenter and it says:

      We finished a manual scan of your computer and there are no remaining items that require your attention. Items Scanned: 1 Items Detected: 0 Items Fixed: 0 Items Quarantined: 0

       

       

      Since my Mom has paid for the McAfee Security, how do I get it to remove these viruses when it won't even find them in a scan???

       

      Thanks!!!!

        • 1. Re: McAfee Scan Detects 0, But Norton Finds 2 Viruses: Infostealer.Gampass & Bloodhound.Exploit.196
          Vinod R

          Could you please run a tool and post back its logs please.

           

          KEEP IN MIND THAT THIS TOOL IS TO BE RUN ONLY AS INDICATED IN DIAGNOSTICS MODE . DO NOT MAKE ANY CHANGES OR REPAIR BASED ON THE RESULTS OBTAINED BY THE TOOL.

           

           

           

          Please follow the instruction given below to run the Tool in High Sensitivity level with REPORT ONLY mode. ( Note: If the scan is initiated in high mode and set to repair. It might cause ire-repairable damages to the machine hence always run it in REPORT ONLY MODE)

           

           

          McAfee Labs Stinger

           

           

          Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

           

           

           

           

          1. Download      v10.0.1.688 [5,207,047 bytes] (11/23/2009)
          2. When prompted, choose to save the file to a convenient location on your      hard disk (such as your Desktop folder).

             
          3. When the download is complete, navigate to the folder that contains the      downloaded Stinger file, and run it. WindowsME/XP/Vista users read      this first.

          4. The Stinger interface will be displayed.

             
          5. If necessary, click the Add or Browse     button to add additional drives/directories to scan. By default the C: drive      will be scanned.
          6. By default, Stinger will repair all infected files found THIS IS NOT RECOMMENDED
          7. Enable Artemis Technology in stinger click on preferences and then select      the required sensitivity level.  If you select "High" or "Very High" McAfee Labs      recommends that you set the "On virus detection" action to "Report only" for the first scan.

          8. Click the Scan Now button to begin scanning the specified      drives/directories.
          9. Once the scan is done Click the File menu and select Save report to file.
          10. Locate and examine the save report / attach it as a reply to this post.
          • 2. Re: McAfee Scan Detects 0, But Norton Finds 2 Viruses: Infostealer.Gampass & Bloodhound.Exploit.196

            Thanks.  In addition to the 2 viruses found by the free Norton scan, Stinger indicated that it found several trojans:

             

            McAfee® Stinger Version 10.0.1.688 built on Nov 24 2009

            Copyright © 2009 McAfee, Inc. All Rights Reserved.

            Virus data file v5000 created on Nov 23 2009.

            Ready to scan for 1370 viruses, trojans and variants.

             

            Scan initiated on Sun Dec 06 18:30:25 2009

            C:\Program Files\TrueSwitchAT&TYahoo\TrueWizard.exe

                 Found the Artemis!2A53D1C0B830 trojan !!!

            C:\WINDOWS\I386\alf\mfu_us.exe

                 Found the Artemis!A95DD6843E36 trojan !!!

            D:\i386\Apps\App09143\mfu_us.exe

                 Found the Artemis!A95DD6843E36 trojan !!!

              Number of clean files: 199227

              Number of Trojans: 3

             

            How do I get McAfee to remove these viruses and trojans that it won't even detect??

             

            Thanks!