Am I Running 2 AVs & 2 FWs?

After uninstalling McAfee AV & FW to the best of my ability, Windows Security Center continues to recognize McAfee AV & FW.

In safe mode I removed through control/add remove programs, ran the removal tools specific to the versions on my PC, followed manual uninstallation instructions I received from McAfee, used a cleaner, & ran a registry cleaner.

Via phone (I was offline) I contacted McAfee tech support & was told I'd destroyed my computer's ability to connect with the internet by my deleting Network Associates from my registry. The tech double checked & was sure McAfee was in no way connected to Network Associates. (McAfee was Network Associates prior to 2004--I checked.)

Next, I contacted Microsoft tech support & was told running two AV/FWs was fine. He too had double checked.

I'm a newbie. I'm here because this forum has the most advancedies. Help!

Are there known flaws re Windows Security Center detection (I'm assuming the answer is yes)?

Is there a definitive test I can run to tell whether or not there actually are 2 AV/FWs?

The manual uninstall instructions weren't as specific as they could have been. I'm posting them-- you may see an obvious omission.

============================================================ Disabling McAfee Startup entries. 1. Click "Start" >> "Run" >> Type msconfig in the "Open box" >> Click "OK". 2. In System Configuration Windows, Click "Startup" tab. 3. Scroll down and uncheck all "McAfee" entries starting with "MC". 4. Click "Apply" and "Close". 5. On prompt to restart, Click "Exit without Restart". Ending McAfee tasks. 1. Right click the "M" icon in your system tray and click EXIT. 2. Then press Ctrl+Alt+Del ---> Task Manager ---> go to Process tab and End Task all the McAfee process. (Mostly Starting with Mc or mc or mpf) Backing Up Registry. Before beginning to edit the registry be sure to back it up. This will safeguard your Windows installation. You can recover your Windows configuration by restoring the backup if something goes wrong. 1. From the Taskbar, click Start --> Run --> type REGEDIT and click OK. The Registry Editor appears. From the menubar, click Registry. Note: If using Windows XP, click File 2. Click Export. 3. The Export Registry File dialog box appears. In the 'Save in' drop-down menu, select Desktop. 4. In the 'File Name field, type backup. 5. In the 'Export range' section, select All. 6. Click Save. Note: To restore the registry, double click on the backup file you just created and follow the prompts. After completing all of these steps and verifying that everything is working properly, delete this file to avoid restoring the old registry. Deleting McAfee entires. 1. Click (+) next to HKEY_CURRENT_USER. 2. Click (+) next to Software. 3. Under Software look for any entries like McAfee, McAfee.com and Network Associates if found delete them. 4. Click (+) next to HKEY_LOCAL_MACHINE. 5. Click (+) next to Software. 6. Under Software look for any entries like McAfee, McAfee.com and Network Associates if found delete them. 7. Then click (+) next to Microsoft. 8. Click (+) next to Windows. 9. Click (+) next to CurrentVersion. 10. Under CurrentVersion select the Run folder, now on right hand side look for any McAfee entries if found delete them. 11. Then under CurrentVersion look for Uninstall folder, click (+) next to Uninstall. 12. Under Uninstall look for all McAfee entries if found delete them. 13. Now close registry editor. 14. Then click Start-->Run-->type "C:\Documents and Settings\All Users\Application Data" and click OK and delete McAfee.com folder if it does not allows you to delete, restart your computer and then try to delete it. Check Add / Remove program for McAfee products and if listed. Uninstall them and restart your computer for changes to take effects.

-----

Thank you so much for your input.

 

Hello,

Restrospective is ugly, but:
Once you stumbled into a problem, you should not have played with registry.

What you should do:

Backup your personal data
Reinstall McAfee. Reboot.
Uninstall McAfee. Reboot.
Run a registry cleaner - do you use one / need recommendations?
Open Windows Security Center - check if it's still there.

If it is:
Type msconfig in Run box > under Startup see if any McAfee entries are showing.
Type services.msc in Run box see if any McAfee services are showing.

If they are:
Contact McAfee, ask them about this - do not delete anything on your own.
Tell us how things progress.

If they are not - you can safely install your other av, firewall and ignore Security Center or even tell it not to inform you about it. The Security Center is not perfect and does not recognize all sorts of software.

Mrk

 

I didn't stumble into a problem & then play with the registry!

I followed all the instructions I was given! It took over 1/2 dozen ludicrous contacts with McAfee to get what I posted here. I began by going to McAfee site--the instructions for the most part weren't there. I called & was sent a removal tool that went with their latest mega suite. I had McAfee that comes with Comcast--I'd chosen specific components to this suite, not all of it. The versions were older. I believed I should have the removal tools designed to go with the versions I had so I called back at least two more times, they sent me incorrect tools again. Finally I got the correct ones. I looked at the McAfee forum where they were randomly handing out the new mega suite removal tool & decided it wasn't an appropriate place to go to. I was finally able to get these manual uinstallation instructions through there live chat.

I followed all the steps perfectly. I had no problem. I had a question re the registry specifically what to do with Hkey Local Machine Software Mozilla Plugins Network Associates. I was off line so I phoned McAfee. The tech didn't know Network Associates was affiliated with McAfee was convinced I had destroyed my computer--I saw no symptom of anything wrong with my PC. He said it wouldn't show until I went online. I contacted Microsoft as suggested.

I had done a search & the only things left were the word McAfee in log entries. I read each one to the Microsoft tech. I had looked in the startup there was no longer any sign of McAfee. In services.msc these were present:

Crogra~\McAfee.com\agent\mcdetect.exe

Crogram files\McAfee.com\agent\mctskshd.exe

Crogram files\McAfee.com\agent\mcdetect.exe

They all said stopped. With Microsoft's guidance I disabled them. They remain there now in disabled status.

I left the one registry key alone (the Mozilla plugin mentioned). And put on another AV & it was at this point that I went to Windows Security Center to put the FW up temporarily--I wanted to go online while the Microsoft tech was on the phone with me, that I saw that the Security Center still recognized McAfee AV & FW.

The Microsoft tech couldn't understand this Windows phenomenon & assured me it was okay to have 2 AV/FWs. I put on Windows FW & came online to get answers/help. I believe the local geek squad only knows how to do system restores.

I haven't had much luck with McAfee, Microsoft either. That's why I'm here.

What is the significance of these disabled services.msc entries? do they suggest there is indeed active McAfee AV/FW on my PC? (Ques 1)

You suggest reinstalling & then uninstalling McAfee. Just how do you propose I do the uninstall? (Ques 2)

I was given a fix to get Windows Security Center to stop recognizing the old AV/FW, but am hesitant to use it for I do not want to inadvertantly mask anything.

Should the one mozilla plugin entry go? (Ques 3)

I had used a cleaner & a registry cleaner. Quite frankly I'm hesitant to make a move without more information. Please could you address my questions.

 

Hello,
Legitimate programs have unistallers via add-remove.
Disabled services is good - you should be able to install other software.
I'm suggesting the reinstall + uninstall because it seems the software did not uninstall nicely. Left lots of garbage. All those remaining services seem like you did not complete the uninstall.
But if they are disabled, you could try installing other software.
When encountered with bad uninstall, the best thing is to install again and try to remove ... again.
You should remove the Mozilla plugin, as well.
Mrk

 

Hi,
I'm on the notebook right now with the "2nd" AV/FW installed. It's asymptomatic of any damage. It was a little noisy before my big adventure. I wanted to learn on here & buy a new system when I've worked the kinks out.
I began with add/remove programs, ran each tool, & so on in the order I was given I wrote all steps out... From what was left behind, I don't think the removal tools did much of anything. But following the manual uninstall instructions should have done the trick, right?
The Mozilla plugin--I thought it could be my McAfee Site Advisor or perhaps one of the add ons for Firefox used a Network Associates component. What do you think of this? (Ques 1)
I did backup that key at one point & exported it to the desktop, rebooted, & checked Windows Security Center for a change... none. So I imported it back to the registry.
If there were 2 AV/FW would it show up with a big bang or a gradual destruction process? (Ques 2) I've been in this 2AV/FW state for 2 days now.
I truly appreciate your input.

 

Hi,

It is not disirable to have 2 firewalls - some people do run 2 AVs but they tend only to run one as a shield the other on demand.

If your machine is stable then that is good - 2 AVs together is quite likley to cause a BSOD.


I'd contact eset http://www.eset.com/download/av-uninstallers.php

Automated Uninstaller to remove Symantec and McAfee antivirus products
Some antivirus software vendors make it hard to remove their software. ESET's partners have developed tools to make it easy to remove your old antivirus software and upgrade to NOD32. ESET provides these files and references as a public service, at no cost, and with no implied or express warranties. Currently we have help for Symantec and McAfee products.

 

Starfish,
Thank you for telling me about Eset's tools. They're probably a superior quality to those of McAfee. I'm leaning towards believing the Windows Security Center simply isn't recognizing the correct information. Tell me what you think of the fix I'd like to try.

1) Go to the Control Panel & open Administrative Tools.

2) Click on Services.

3) Go to Windows Management Instrumentation & Stop the service.

4) Stop Security Center Service too.

5) Let them Automatically start.

6) Exit out to the desktop, click Start, & choose Explore.

7) Go to C:\windows\system32\wbem\repository.

Delete this subdirectory.

9) Exit & reboot. (You may need to reboot twice.)

This will rebuild the deleted folder & the database. Windows Security Center should show the correct information. The AV & FW should be recognized.

 

I'd leave the security centre alone - I don't know if your instructions are correct they sound plausible -- you could try uninstalling and reinstalling it with xplite - not sure if it can do that


Have yoy checked if any Macfee processes are still running - task manager - google the one you don't know.


Macfee product never leave a clean system that si one of the reason I stopped using them

 

There are no McAfee services in Task Manager. The only remaining McAfee services listed are the three I mentioned earlier in this thread. They are in Services.msc & are disabled.

I've discovered undeletable Legacy keys in the registry that correlate with those disabled services.msc entries. The folders for these were previously deleted. Suggestions?

 

those instructions should work. have u tried it yet?

 

Hi!
I was about to make my way back here to report the outcome! Yes, the Windows Security Center fix worked! As soon as I rebooted & opened it up it stated, by name no less, the one AV & FW running on my computer. I gave it to the Microsoft tech who was patient enough to allow me to bring him up to speed & hand hold.
Thanks for your input!