Moved provisionally to Malware Discussion > Home User Assistance.
Thanks for your notes.
I reallly do not wish to open any new antivirus programs till I hear from McAfee
Please read these short descriptions of rogue programs before you decide what to do :
and also this document, which contains some of the advice set out below
"Securities Tool" is not one of the (very many) known rogue programs.
"Security Tool" is. It is scareware. It will try to persuade you to buy a useless and possibly harmful program. If you click on a scareware window, and if you try to run the downloaded program that it tries to persuade you to buy, your PC could become infected with malware. Even if does not, you've wasted your money on a fake program. McAfee and other AV programs may not detect these because they are not, strictly speaking, viruses; only if the program starts to download known malware will McAfee move to block it.
If the page I linked you to at bleepingcomputer.com shows you a picture of a program that looks the same as the one you've bought, then you've been sold a (potentially dangerous) rogue program.
The information on the page whose link I provided will help you to remove it.
Alternatively, you could do the following :
Update your dat files and scan your PC with Virusscan in Safe Mode.
To do this, tap F8 repeatedly while booting up. You'll get a boot screen with choices. Pick Safe Mode. Your PC will boot in a low resolution state as most processes won't be running. Go to "My Computer" (XP) or "Computer" (Vista), right-click the hard drive and select "Scan" from the drop-down menu. You'll see an extra taskbar icon which will show a progress report if you hover over it.
If you think you have a virus infection on your PC do one or both of the following :
- Run the free Mcafee Stinger program from http://vil.nai.com/vil/stinger/ -
set it to Report Mode (in Preferences) and post the logs of anything it detects.
- Join the McAfee Getsusp group at https://community.mcafee.com/groups/getsusp30-beta-feedback
You will have to ask there for Getsusp, which is a Beta program and not yet on general release.
Before you use Getsusp, you should go to this document
and download the PDF file explaining what Getsusp is and how it works, and this document
which downloads the installation guide PDF document.
If you want a second opinion, or to be on the safe side, then you can do a scan with the free versions of these tools :
If you already have Malwarebytes installed, the virus could be protecting itself against it. In that case, in order to get Malwarebytes running you'll need to rename the executable. Open the C:\Program Files\Malwarebytes Antimalware folder, then rename the "mbam.exe" file and double-click directly on the file to open the program. After updating the program, run a full system scan using Malwarebytes.
Make sure both programs are updated to the latest versions before running them and let them clean anything they find. If they quarantine a file or fail to remove a file try to get a copy of it and send it to Mcafee using the virus submission path described here :
(The following has been copied from a post of Peacekeeper's, to whom I am grateful for saving me some typing).
Send the file to mcafee labs at http://vil.nai.com/vil/submit-sample.aspx
Zip the file and password it with password infected.
You will probably get an autoreply back saying it is infected; reply asking for it to be manually tested.
Include in your first submission :-
Please provide the following information along with your sample. It will help us speed the sample review process:
- A list of all files contained in the sample submission, including a brief description of where or how you found them
- What symptoms cause you to suspect that the sample is malicious
- Whether any security products find a virus (tell us the security vendor, its product name, the version number, and the virus name assigned to the sample)
- Your McAfee product information (product name, engine, and DAT version
- Any system details that may be relevant (operating system, service packs, etc.)
You now have two answers to your question, one short and one long.
Pick whichever seems to you to offer the better path to cleaning your PC of this program, and let us know how you get on ...