×
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
pedroxavi
Former Member
Message 1 of 25
‎11-27-2013 10:51 AM

Identification Required for subsequent action, possible malware or McAfee wrongful doing

Hello everyone,

I've been noticing on daily basis that, some reason(by then yet to identify) my computer disk activity was constantly on 100% without the Process Manager/Task Manager could explain why it was doing so.

I used an old program I had a few years back to try and understand who or what was writing on my disk without me knowing.

The program is called DKHardDrive-Light, with it, we can keep track on 1 or all partitions/disks, what is being written every second and which file was written, either by being Changed/Created/Deleted.

I then realized that it was McAfee, specially MPF(McAfee Personal Firewall). I could sent a JPG with the ScreenShot of it, if necessary and if I'm allowed to off course.

But for the time being, I can write here the few lines that it repeats every second for hours, like it is doing at the moment actually.

27/11/2013 18:38:13 - Created - C:\ProgramData\McAfee\MPF\Data\log.edb-journal

27/11/2013 18:38:13 - Changed - C:\ProgramData\McAfee\MPF\Data\log.edb-journal

27/11/2013 18:38:14 - Changed - C:\ProgramData\McAfee\MPF\Data\log.edb

27/11/2013 18:38:14 - Deleted - C:\ProgramData\McAfee\MPF\Data\log.edb

27/11/2013 18:38:15 - Created - C:\ProgramData\McAfee\MPF\Data\log.edb-journal

27/11/2013 18:38:15 - Changed - C:\ProgramData\McAfee\MPF\Data\log.edb-journal

27/11/2013 18:38:16 - Changed - C:\ProgramData\McAfee\MPF\Data\log.edb

27/11/2013 18:38:16 - Deleted - C:\ProgramData\McAfee\MPF\Data\log.edb

These are the 4 activities that happen with each second that passes, they repeat themselves in this order. It creates a file, changes, changes again to a different name and deletes it entirely, restarting the same process in a fraction of 2 seconds.

Can someone tell me about this? Because its stalling my computer, every game or program that I run, needs to access the HardDrive and it being funneled to this bizzar happening..

Best Regard,

Xavi

Portugal

McAfee Total Protection 2014 3PCs - HomeUser

Message was edited by: pedroxavi on 11/27/13 12:54:07 PM CST
0 Kudos
Reply
24 Replies
exbrit
MVP
MVP
Message 2 of 25
‎11-27-2013 11:51 AM

Re: Identification Required for subsequent action, possible malware or McAfee wrongful doing

This is more a firewall issue so have moved it there.

That's the firewall logs being constantly created and old ones being deleted.  The actual folder shouldn't be more than a few kb's size and should not be interfering with anything.

If a process is occupying 100% of CPU for any length of time then there is something wrong - either the process is malicious or the programme it is connected with perhaps needs full permission in firewall settings?

Check for malware using Stinger, Malwarebytes Free and maybe also AdwCleaner, all linked in the last link in my signature below to make sure you are OK.

Then run the McAfee Virtual technician to make sure your software is OK:  http://mvt.mcafee.com/

If a problem continues then maybe the game or whatever it is needs more settings changed, but best consult that software's website for advice on that, or contact Technical Support.  

It's free by phone or online chat and linked under Useful Links at the top of this page.

.

Message was edited by: Ex_Brit on 27/11/13 2:53:46 EST PM
0 Kudos
Reply
pedroxavi
Former Member
Message 3 of 25
‎11-27-2013 12:32 PM

Re: Identification Required for subsequent action, possible malware or McAfee wrongful doing

Hello X_Brit

Thanks for the quick reply to my post.

You said 100% of the CPU, but the CPU is quiet all the time, doesn't bug him whatsoever, the Disk Activity is the one allways at 99/100%, which makes the read/write permissions for other programs that I choose to run, a little hard to deviate the bandwith to them, McAfee is consuming it all, if we can put it like this.

I notice also that, if I manually stop the McAfee firewall for any time, doesn't matter, the Disk Activity drops instantly from 100 to 0, but as soon as I start it again, it goes 30-60-100% in a matter of 5 seconds. The correlation seams about right in terms of firewall-logs, if I kill the firewall the logging stops, if reinitiated, it obviously restarts the log writting.

The all create-change-delete sequence eventually stops on itself, but it takes long hours doing so, and it stops on itself without any action I might do on the computer at any given time. I can stare at the DKHardDrive constant log and then suprise, McAfee decided to stop. So, I recon it has nothing to do with the user's actions, its simply of process that he decided to start and utherly stop.

You mentioned "malicious process". You're referring with the legitimate McAfee log-writting process or something else interfering with it and causing it abnormaly write logs when he actually didn't have to? Being the malicious process the external factor off course

Best Regards,

Xavi

0 Kudos
Reply
Hayton
Reliable Contributor
Reliable Contributor
Message 4 of 25
‎11-27-2013 12:37 PM

Re: Identification Required for subsequent action, possible malware or McAfee wrongful doing

How many entries have you got in the McAfee Security Center Security History for the past 24  hours, and which category of entry occurs most often?

0 Kudos
Reply
pedroxavi
Former Member
Message 5 of 25
‎11-27-2013 12:46 PM

Re: Identification Required for subsequent action, possible malware or McAfee wrongful doing

Hello Hayton

Checking it now, it says Please Wait, gona wait on it

Replying when I got your answer

Best Regards,

Xavi

0 Kudos
Reply
pedroxavi
Former Member
Message 6 of 25
‎11-27-2013 12:51 PM

Re: Identification Required for subsequent action, possible malware or McAfee wrongful doing

Meanwhile, I tried Stinger, nothing, got 0 hits, just tried MalwareBytes and got 12 hits, posting JPG

AdwCleaner ScreenShot.jpg

Message was edited by: pedroxavi on 11/27/13 2:53:02 PM CST
0 Kudos
Reply
pedroxavi
Former Member
Message 7 of 25
‎11-27-2013 01:06 PM

Re: Identification Required for subsequent action, possible malware or McAfee wrongful doing

Its taking way to long (I think) to present me the results of the History, its spinning the bars and sayin Please Wait.

How long this usually take?

0 Kudos
Reply
Hayton
Reliable Contributor
Reliable Contributor
Message 8 of 25
‎11-27-2013 01:07 PM

Re: Identification Required for subsequent action, possible malware or McAfee wrongful doing

Delete everything Malwarebytes found.

http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/pupoptionalconduit/b...

That appears to be a Malwarebytes detection for Search Conduit. If Malwarebytes will not eliminate it you can seek assistance in the Malwarebytes Forum at http://forums.malwarebytes.org/
Or see the following free removal guide from Malwaretips: http://malwaretips.com/blogs/remove-conduit-search-virus/
0 Kudos
Reply
Hayton
Reliable Contributor
Reliable Contributor
Message 9 of 25
‎11-27-2013 01:11 PM

Re: Identification Required for subsequent action, possible malware or McAfee wrongful doing

This is a reply about Security History -

McAfee Security History always takes a long time to display. This is what I was testing for : the more entries in Security History the longer it takes. I'm wondering why there is all that firewall log activity : is it the case that so many entries are going into the log that it needs to create a new one?

0 Kudos
Reply
exbrit
MVP
MVP
Message 10 of 25
‎11-27-2013 01:53 PM

Re: Identification Required for subsequent action, possible malware or McAfee wrongful doing

Hmm, maybe I should have left this in Malware Discussions.  Malwarebytes seems to have found a possible source for your hard drive activity.  However Hayton has everything in hand so I'll leave it to him.

0 Kudos
Reply
How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community

* Important Terms and Offer Details:

  Subscription, Free Trial, Pricing and Automatic Renewal Terms:

  • The amount you are charged upon purchase is the price of the first term of your subscription. The length of your first term depends on your purchase selection (e.g. 1 month or 1 year).  Once your first term is expired, your subscription will be automatically renewed on an annual basis (with the exception of monthly subscriptions, which will renew monthly) and you will be charged the renewal subscription price in effect at the time of your renewal, until you cancel (Vermont residents must opt-in to auto-renewal.)
  • Unless otherwise stated, if a savings amount is shown, it describes the difference between the introductory first term price (available only to customers without an existing McAfee subscription) and the renewal subscription price (e.g., first term price vs. each year thereafter).
  • Pricing is subject to change. If the renewal price changes, we will notify you in advance so you always know what’s going on.
  • You can cancel your subscription or change your auto-renewal settings any time after purchase from your My Account page. To learn more, click here.
  • You may request a refund by contacting Customer Support within 30 days of initial purchase or within 60 days of automatic renewal (for 1 year terms or longer).
  • Your subscription is subject to our License Agreement and Privacy Notice. Subscriptions covering "all" devices are limited to supported devices that you own. Product features may be added, changed or removed during the subscription term.  Not all features may be available on all devices.  See System Requirements for additional information.
  • Free Trial Terms: At the end of your trial period you will be charged $39.99 for the first term. After the first term, you will be automatically renewed at the renewal price (currently $124.99/yr). We will charge you 7-days before renewal. You can cancel at any time before you are charged. ​

 **Free Benefits With Auto-Renewal:

  • For many qualifying product subscriptions McAfee offers additional benefits for free when you are enrolled in auto-renewal. You can check your eligibility for these benefits in your My Account page. Not all benefits are offered in all locations or for all product subscriptions.  System Requirements apply.   Turning off auto-renewal terminates your eligibility for these additional benefits. 
  • Virus Protection Pledge (VPP): If we cannot remove a virus from your supported device we’ll refund you the amount you paid for your current term subscription.  The refund does not apply to any damage or loss caused by a virus.  You are responsible for backing up your data to prevent data loss. See terms here: mcafee.com/pledge.
  • Safe Connect VPN:  You will receive free, unlimited access to our VPN wireless on supported devices. Users not on auto-renewal have access to 500 MB/month of bandwidth.

   Additional Terms Specific to Identity Monitoring Service:

  • Eligibility: McAfee® Identity Monitoring Service Essentials is available within active McAfee Total Protection and McAfee LiveSafe subscriptions with identity monitoring for up to 10 unique emails. Phone number monitoring is enabled upon activation of Automatic Renewal. Not all identity monitoring elements are available in all countries. See Product Terms of Service for more information. 
  • Your subscription is subject to our License Agreement and Privacy Notice. Product features may be added, changed or removed during the subscription term. Some features may require registration and a valid ID number to activate. See System Requirements for additional information.
  • While McAfee Identity Monitoring Service provides you tools and resources to protect yourself from identity theft, no identity can be completely secure.
  • US Only:
    Fair Credit Reporting Act: You have numerous rights under the FCRA, including the right to dispute inaccurate information in your credit report(s). Consumer reporting agencies are required to investigate and respond to your dispute, but are not obligated to change or remove accurate information that is reported in compliance with applicable law. While this plan can provide you assistance in filing a dispute, the FCRA allows you to file a dispute for free with a consumer reporting agency without the assistance of a third party.
  • Identity theft coverage is not available in New York due to regulatory requirements.


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Products

McAfee® Total Protection
McAfee® Gamer Security
McAfee® Identity Monitoring Service
McAfee® Security Scan Plus
McAfee® WebAdvisor
McAfee® Techmaster Concierge
McAfee® Virus Removal Service

Resources

Antivirus
Free Downloads
Parental Controls
Malware
Firewall
 Blogs
Activate Retail Card
Threat Center
McAfee Enterprise

Support

Consumer Support
FAQs
Renewals
Support Community

About

About McAfee
Careers
Contact Us
Newsroom
Investors
Legal Terms
Your Privacy Choices
System Requirements
Sitemap

Copyright © 2022 McAfee, LLC
Copyright © 2022 McAfee, LLC