Computer help (virus)

[homedog]

Need a little help fellas.

To start off I have McAfee Virus Scan 7.0, build 4.3.20 created on 2/4/04, virus definitions 4322.

I opened Virus Scan Console two days ago just to check it and noticed that in the results of the last scan there was a virus found. I have it set up to scan weekly at midnight on Saturday. Never got a message that a virus had been detected or anything. Based on this I started the virus scan (scan all fixed disks) and found that there were 6 infected files on my computer. Below are the results:

Name: F3POPSWT.DLL
In folder: C:\Program Files\MyWebSearch\bar\1.bin
Detected As: AdWare-FWB
Detection Type: Program
Status: No Action

Name: MWSBAR.DLL
In folder: C:\Program Files\MyWebSearch\bar\1.bin
Detected As: AdWare-MWS
Detection Type: Program
Status: No Action

Name: MWSOEMON.DLL
In folder: C:\Program Files\MyWebSearch\bar\1.bin
Detected As: AdWare-FWB
Detection Type: Program
Status: No Action

Name: ocxdll.exe
In folder: C:\Quarantine
Detected As: IRC/Flood.c
Detection Type: Trojan
Status: Deleted

Name: psexec.exe
In folder: C:\WINNT\system32
Detected As: Remote Process Launch
Detection Type: Program
Status: Deleted

Name: MWSSRCAS.DLL
In folder: C:\Program Files\MyWebSearch\SrchAstt\1.bin
Detected As: AdWare-MWS
Detection Type: Program
Status: Deleted

Continued on next post.

 

[homedog]

I found the three files that were labelled as "No Action" and deleted them and ran the virus scan again with the following results:

Name: DC1.DLL
In Folder: C:\RECYCLER\S-1-5-21-602162358-1383384898-1957994488-500
Detected As: AdWare-FWB
Detection Type: Program
Status: No Action Taken

Name: DC2.DLL
In Folder: C:\RECYCLER\S-1-5-21-602162358-1383384898-1957994488-500
Detected As: AdWare-MWS
Detection Type: Program
Status: No Action Taken

Name: DC3.EXE
In Folder: C:\RECYCLER\S-1-5-21-602162358-1383384898-1957994488-500
Detected As: AdWare-MWS
Detection Type: Program
Status: No Action Taken

I looked for the three files above but cannot find a C:\RECYCLER directory.

Questions:
1. I thought McAfee would prevent these viruses from ever getting on the computer. What happened or what did I do wrong?
2. Why did McAfee take "No Action" on some of the files?
3. Why didn't I get a notification that a virus had been found, rather than having to go into the program and find that a virus had been found?
4. Since I ran the second scan right after the first, why didn't it pick up DC1.DLL, DC2.DLL, and DC3.EXE on the first scan.
5. Why can't I find the RECYCLER directory?
6. What can I do to prevent this from occurring again?

Any help would be appreciated.

 

[THE KOD]

Questions:
1. I thought McAfee would prevent these viruses from ever getting on the computer. What happened or what did I do wrong?
2. Why did McAfee take "No Action" on some of the files?
3. Why didn't I get a notification that a virus had been found, rather than having to go into the program and find that a virus had been found?
4. Since I ran the second scan right after the first, why didn't it pick up DC1.DLL, DC2.DLL, and DC3.EXE on the first scan.
5. Why can't I find the RECYCLER directory?
6. What can I do to prevent this from occurring again?

Any help would be appreciated.

...........................................................................

homedog

I am not no computer expert but always try to help a fellow dog.

McAfee (which I have also) will not prevent virus from coming in. It is a identifying program. You have to run it. It will not take action until you find them and you make the decision.

If you go on the web alot you are going to have cookies and all kinds of crap weekly that is possible virus trouble. You have to run the McAfee program and have the patience to wait until its done. Mine takes about 20 minutes to finish.

Also run the defrag and scan disk that is in your System tools area.Run everything once a week.

Delete anything in MacAfee that shows up. Mine usually show as Trojans in the file box.

Also if you don't have adaware get it. Also a good firewall protection. Zone alert is what I use. Its 40 bucks a year.

I have a computer repair guy that I found and have used for two years now. He put this stuff on my computers as I have no clue how to do that stuff. Its well worth the investment to be able to call him when I have trouble.

He charges 75 bucks a hour but he is top notch and well worth it.
He can fix anything in two hours from my experience.
I used to sit with him and try to figure out what he was doing but I gave up on that. Now I just tell him to fix it and leave.

Good luck

KOD

 

[homedog]

One thing I forgot to mention was that I ran Ad-aware before running the first virus scan. It didn't pick up anything.

Scanned again last night and McAfee found the same three files DC1.DLL, DC2.DLL, and DC#.EXE. This time it gave me the option of deleting them and I did.

Still don't understand why the RECYCLER directory didn't show up in Explorer.

Thanks in advance for anyone's help.

 

[loungelizard]

What operating system are you using? go here, and follow directions:

http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

Good Luck,
ll

 

[JOSHNAUDI]

Try emptying the recycle bin and then run again.
right click 'recycle bin' on desktop
click 'empty recycle bin'

had this happen in the past

 

[KMA]

1. I thought McAfee would prevent these viruses from ever getting on the computer. What happened or what did I do wrong?
Do you have it scanning at all times or just on saturday? You should have it set to constantly scanning while you are using the computer. Do you have your firewall on? You should have that on constantly also. If you don't then it won't stop the viruses from getting on your computer. I would say that you don't have McAfee set up to prompt you when there's an action being taken. If you want to be prompted then open Mcafee and click configure automatic protection settings and then click advanced and then actions. In the pull down menu click Prompt for action. Looks like you have it set up to just go ahead and do what it has to do.

2. Why did McAfee take "No Action" on some of the files?
Those a adware files, McAfee won't take action on those but it will let you know they are there.

3. Why didn't I get a notification that a virus had been found, rather than having to go into the program and find that a virus had been found?
See my answer to number one.


4. Since I ran the second scan right after the first, why didn't it pick up DC1.DLL, DC2.DLL, and DC3.EXE on the first scan.
5. Why can't I find the RECYCLER directory?
Empty your recycle bin.

6. What can I do to prevent this from occurring again?

Make sure your auto scanning id enabled..Go to your Configure Automatic Protection settings and make sure everything in that window is checked. Make sure your fire wall is set on filter. Set your scan to daily instead of weekly.



In the Configure Automatic Protection settings window click advanced.
In the detection window make sure Enable system scan is checked off. also check off inbound files, outbound files,access, shutdown, all files.
check restart virusscan and set it for 30 minutes.
Now click advanced.
Check enable macro and program file heuristics scanning then click ok.
Now click the action tab and check off everything in that window and in the pulldown.
Choose Prompt for action if you want to be prompted before it takes action.
Now click the report tab and check everything in that window.
Click the exclusion tab and that window should have nothing listed.
Then clcik OK.



Download AVG free from the net, it runs rings around any other virus protection!!!

 

[homedog]

Thanks to all.

KMA,
1. I have the fixed disk scan task set for once a week (Sat.) I can't see where it will let me to set it to scan constantly, option not available as far as I can tell. I do not have a firewall. I did have the option "prompt user for action" enabled.
2. Understand.
3. Again, I had it enabled.
4 and 5. Got it.

I can't find where you are saying to enable auto scan. Set scan to daily as you recommended.

Configure Automatic Protection settings window: can't find this anywhere.

Are you sure you are working with the same version as I am. Can't follow your steps at all.

Thanks for the help.

 

[loungelizard]

Homedog, a lot of times these virus's get caught up in the system restore function of windows, to remove it there click on settings, control panel, system, performance, file system, move slider for system restore to minimum...then reboot. after system reboots move system restore slider back to where it was.

good luck
ll