Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mcafee Antivirus will not run scans


  • Please log in to reply
19 replies to this topic

#1 tinkerbellpixie

tinkerbellpixie

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:19 AM

Posted 06 February 2011 - 09:24 AM

I really hope someone can help me. I just put Mcafee Antivirus Plus on my laptop about 2 weeks ago. It had been working fine up til 3 days ago real time protection would not turn on, so I contacted Mcafee and they told me to reinstall it. I reinstall it then it does not want to run any scans. I am so frustrated, I have been dealing with Mcafee for 2 days now and have talked to 2 different tier 2 guys. The first guy said something in my windows 32 system was corrupted, said he fixed it and for me to reinstall again but still didnt work. Second guy said that I had to many HP errors which was causing Mcafee not to work properly, told me to contact HP to get it fixed then try to run a scan. So I went ahead and uninstalled Mcafee and put another virus protection on and guess what it is working fine. If anyone has had any issues with Mcafee or knows what might be the problem, please let me know.

Edited by hamluis, 06 February 2011 - 11:02 AM.
Moved from Win 7 to AV, Firewall, Privacy Protection.

[ runs this site.'] 

BC AdBot (Login to Remove)

 


#2 Allan

Allan

  • BC Advisor
  • 8,554 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:06:19 AM

Posted 06 February 2011 - 09:38 AM

In my opinion (and in the opinion of MANY others) McAfee products (and their "support) are the worst in the business. Period. I always suggest replacing their product with virtually ANY other anti virus utility.

#3 tinkerbellpixie

tinkerbellpixie
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:19 AM

Posted 06 February 2011 - 11:26 AM

I have another question what does cngaudit.dll mean?
[ runs this site.'] 

#4 ThunderZ

ThunderZ

  • Deactivated
  • 4,454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 AM

Posted 06 February 2011 - 01:04 PM

Google info about cngaudit.dll

#5 tinkerbellpixie

tinkerbellpixie
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:19 AM

Posted 06 February 2011 - 05:45 PM

The reason I was asking what cngaudit.dll was, Mcafee kept trying to delete it said it was a trogan. Everytime they deleted and rebooted it was back. I also run Malwarebytes and I just recently ran combofix through Malwarebytes and he said everything looked good. Is this something I need to be concerned about?
[ runs this site.'] 

#6 ThunderZ

ThunderZ

  • Deactivated
  • 4,454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 AM

Posted 06 February 2011 - 06:02 PM

If you read the links in the Google search provided you will see that cngaudit.dll appears to be a legit Windows file\dll. dll = Dynamic Link Library.

As Allan stated mcafee is not a very respected AV, with Tech support that seems to match.

I would be more inclined to take the word of the MBAM team then of the mcafee tech(?) support.

#7 tinkerbellpixie

tinkerbellpixie
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:19 AM

Posted 06 February 2011 - 06:10 PM

I just want to thank you and Allen for helping me.
[ runs this site.'] 

#8 ThunderZ

ThunderZ

  • Deactivated
  • 4,454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 AM

Posted 06 February 2011 - 06:44 PM

You are more then welcome. That`s what BC is here for.

#9 Allan

Allan

  • BC Advisor
  • 8,554 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:06:19 AM

Posted 07 February 2011 - 08:06 AM

I just want to thank you and Allen for helping me.

Not that I was much help, but you're certainly welcome :)

#10 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,641 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:19 PM

Posted 07 February 2011 - 08:25 AM

The reason I was asking what cngaudit.dll was, Mcafee kept trying to delete it said it was a trogan. Everytime they deleted and rebooted it was back. I also run Malwarebytes and I just recently ran combofix through Malwarebytes and he said everything looked good. Is this something I need to be concerned about?


If you want, there is a way to check if cngaudit.dll is a legitimate Microsoft executable or not.
Download sigcheck from Microsoft: http://technet.microsoft.com/en-us/sysinternals/bb897441
It is a command-line tool. Start it from cmd.exe: sigcheck.exe cngaudit.dll (this example is assuming you've extracted sigcheck.exe in the same directory as cngaudit.dll).
You will see info displayed about cngaudit.dll, the most important needs to be:
Verified: Signed

This will check the digital signature (AuthentiCode) of cngaudit.dll. If it's not from Microsoft, it will not have a Microsoft signature, and if it is infected, the signature will not be valid.

Edited by Didier Stevens, 07 February 2011 - 08:32 AM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#11 tinkerbellpixie

tinkerbellpixie
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:19 AM

Posted 07 February 2011 - 10:52 AM

I am not real sure how to do this, do I need to save sigcheck to the windows 32 file folder where cngaudit.dll is located?
[ runs this site.'] 

#12 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,641 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:19 PM

Posted 07 February 2011 - 03:51 PM

I am not real sure how to do this, do I need to save sigcheck to the windows 32 file folder where cngaudit.dll is located?


No problem. Just save the sigcheck file to one of your folders, and unzip it there. Let's say that the folder you choose is c:\temp
From the start menu, type cmd.exe and run it.
In the cmd.exe console, type cd \temp to go to the folder where you saved sigcheck.
Then type: sigcheck c:\windows\system32\cngaudit.dll
Accept the EULA.
On my machine, I get this output:

sigcheck v1.60 - sigcheck
Copyright (C) 2004-2009 Mark Russinovich
Sysinternals - www.sysinternals.com

c:\windows\system32\cngaudit.dll:
        Verified:       Signed
        Signing date:   4:17 14/07/2009
        Strong Name:    Unsigned
        Publisher:      Microsoft Corporation
        Description:    Windows Cryptographic Next Generation audit library
        Product:        Microsoft« Windows« Operating System
        Version:        6.1.7600.16385
        File version:   6.1.7600.16385 (win7_rtm.090713-1255)

Your output should be similar, the versions and date may differ, but the file should be signed (Verified: Signed) by Microsoft.

Update:
You can also do this with the live drive, i.e. without downloading sigcheck.
Start cmd.exe, and type the following command:
\\live.sysinternals.com\tools\sigcheck c:\Windows\System32\cngaudit.dll
If this doesn't work, then do has I explained above.

Edited by Didier Stevens, 07 February 2011 - 03:57 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#13 tinkerbellpixie

tinkerbellpixie
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:19 AM

Posted 07 February 2011 - 04:10 PM

ok, thank you for explaining it better for me I am not that good with computers. I will try it now and I will let you know what it says.
[ runs this site.'] 

#14 RobGreen

RobGreen

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:19 AM

Posted 07 February 2011 - 11:14 PM

Instead of struggling with Mcafee, you should use malwarebytes to eliminate any viruses. I have used it, and found it to be very effective. You can download a trusted copy of malwarebytes at cnet or http://malwarebytes.org

#15 ThunderZ

ThunderZ

  • Deactivated
  • 4,454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 AM

Posted 07 February 2011 - 11:52 PM

@ RobGreen. MBAM is an excellent and highly recommended anti-malware program. It is not an anti-virus program.

It is ment to compliment and work alongside AV`s to catch what they may miss. Not to replace them.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users