[hammondb32]

I was having problems getting to the McAfee website. I would get the message "the specified method is not supported" I also would get Google redirects. In addition, I had Mcafee antivirus and somehow I think it became corrupted as it says that I need to reinstall. I found your website through google (which is AWESOME btw) and I went through the malware guide. I am now able to get to the McAfee site. However, I'm still getting the mcafee reinstall message. It appears that the program is trying to reinstall and it gets to 100% but then the message appears again (my subscription is through 11/2010)

I just wanted to see if there was any more spy/mal/adware that I didn't get to. Steps taken before this point: My wife downloanded Ad-Aware and it removed some stuff-that didn't work- still was unable to get to the mcafee site. I uninstalled that and then downloaded stopzilla and paid for it- it removed more stuff but still couldn't get to the site. I found your website and went through the guide up to (not including) the rootkit step 4. Now, I'm able to acess the site. I believe I had a trojan. The MBAM logfile is below. Basically, I would like for you to check my logs to make sure i've gotten rid of everything. If I have, then I have to contact AOL to see why I can't get my virus scan back. Thank you very much in advance!

Malwarebytes' Anti-Malware 1.36
Database version: 1945
Windows 5.1.2600 Service Pack 3

5/23/2009 12:20:42 AM
mbam-log-2009-05-23 (00-20-42).txt

Scan type: Quick Scan
Objects scanned: 76975
Time elapsed: 13 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\lwxdph.drm (Trojan.Daonol) -> Quarantined and deleted successfully.

Edited by hammondb32, 23 May 2009 - 05:32 AM.

[Advertisements]

i'm sorry for replying before someone answers but I just wanted to give an update. I was able to reinstall McAfee VirusScan successfully, so i appears a least on the surface that i'm all set. However, i'll still be interested in you checking my logs and/or any further steps I should take to make sure. In the interim, I'm off to the stopzilla site to get my money back!

Thank you.

Edited by hammondb32, 23 May 2009 - 06:21 AM.

[hammondb32]

i'm sorry for replying before someone answers but I just wanted to give an update. I was able to reinstall McAfee VirusScan successfully, so i appears a least on the surface that i'm all set. However, i'll still be interested in you checking my logs and/or any further steps I should take to make sure. In the interim, I'm off to the stopzilla site to get my money back!

Thank you.

Edited by hammondb32, 23 May 2009 - 06:21 AM.