Virus W32/HLLP.philis.remnents and mc afee?

:ugh:does any know had to remove this virus//??i have mcafee installed,through o2.but it still got in,mcafee refuses,to allow me to access the latest dat and engines.and cusomer support and virtual technician no longer seem available ,with out cost,have they been withdrawn?:yuk:
thanks in hope of ending this frustration.

Turn off your PC now.

Take the hard drive and slave it to a PC with a proper antivirus installed on it.

Scan your disk, and fix the virus.

Take the fixed disk out and reinstall it in your PC.

Install the AVG free version AVG Free - Download Free Antivirus and Antispyware for Windows 7, Vista and XP (http://free.grisoft.com)

Don't use McAfee again :ok:

McAfee is pretty useless these days. It costs, and doesn't protect as well as the free ones. AVG or Avast will do the job of protection far better, and for free.

Removing a virus once you have one is trickier. McAfee claim that their program will prevent and/or remove this one, but from what I've read about it, the claim isn't always supported by the reality.

If you have a second PC available, then Mike's suggestion is probably the easiest.
If you don't, then read here (http://dllcity.com/remove-malware.php?threat=W32.HLLP.Philis) for some guidance.

You may find (no guarantee) that this may help:
1. Download AVG or Avast (either but not both!);
2. Disconnect from the Internet;
3. Uninstall McAfee and install AVG;
4. Run AVG/Avast scan - it may see and remove the virus.

AVG/Avast may require you to reconnect the Internet so that it can download the latest virus definitions, in which case do so. It's safer not to be connected while you're removing and installing (just in case the virus sees what's happening and calls for reinforcements).

THANKS to the above for their advise ,now running avast, all seems well,wouldn't have avg.but the error is well posted on their forum,cheers again:p

McAfee is no good? Damn! New lappy came with 90 day free version, I promptly forked out for a year's worth. I figured that AVG Free, being free (Uh-oh, snobbery at work here? :sad: ) would not be "as good"...

Obviously can't run both at the same time, right?

Maxbert

Obviously can't run both at the same time, right?

Correct.

McAfee seems to arrive preinstalled on most new "shop" PCs, which then ask you three months later to "send money". I suspect there's a commission deal in there somewhere.

I've done a fair few "McRemovals" - it's an amazingly persistent blighter, and takes a lot of removing.

I've not read a performance comparison for a few months, and they all differ a bit depending on what viruses they use to test, but the last one I saw rated McAfee at 92%-ish and AVG and Avast at 99.x%

The inference was that about 8% of viruses would get past McAfee, and most of those wouldn't get past the other two. Whether that's true or not I dunno, but I don't take the risk. Add in the fact that you pay for McAfee and the best two are free, and ...

Do not assume that it is just an ordinary virus! Make sure you download a rootkit scanner. For some reason there seems to be a significant difference between those two detection scanners.

No matter what you run, I use AVG, it is sometimes going to an online checker such as Trendmicro housecall, it has found a few elusive little buggahs in the past for me.

My defense package (open to suggestions):

Avira
Zonealarm
Ad-Aware (although I'm having mixed feelings about the latest version)

and

The off button.

I remain unconvinced of the value of 'ad-aware', but use 'spybot' and particularly recommend 'Malwarebytes'.

Ad-aware was ok in 2003, no longer.
Zone-Alarm likewise (but then my thoughts on personal firewall software is well documented).

A lot of the AV's install deep into the OS (or should, if they're any good) and most have removal tools to (1) uninstall them in safe mode if the uninstaller fails, and (2) clean out debris left behind after an uninstall, because the uninstaller fails to remove it all.
It is well worth "Googling" for the removal tool for any AV you are about to remove.
Here's links to a few:
McAfee (from MajorGeeks). (http://majorgeeks.com/McAfee_Consumer_Product_Removal_Tool_d5420.html)
AVG32 and 64bit tools. (http://www.avg.com/download-tools)
Avast Uninstall Utility, (http://www.avast.com/eng/avast-uninstall-utility.html)
and one of the most often needed, Norton (from MajorGeeks. (http://majorgeeks.com/Norton_Removal_Tool_SymNRT_d4749.html)

I wouldn't trust AdAware to remove the excess foam from a pint of beer.
On the other hand, MBAM (http://www.malwarebytes.org/mbam.php) (MalwareBytes) and Superantispyware (http://www.superantispyware.com/download.html) have above average capability at all sorts of malware, including rootkits. If a rootkit isn't able to be removed by one of these, specialist treatment at a security forum, or a format and reinstall is indicated.

Thanks for your inputs. Ad-Aware is no longer; been replaced with Malwarebytes. :ok:

Zone-Alarm likewise (but then my thoughts on personal firewall software is well documented).

May I ask what alternative you recommend?

My advice is to stick with ZA. It is pretty good as a freebie. Check your machine for internet 'visibility' via Steve Gibson's site at https://www.grc.com/x/ne.dll?bh0bkyd2.

ZA will warn you when something on your machine tries to access the internet. You then have the choice of allow or not. You have thinking time.

I have to agree with most of the sentiments expressed here about McAfee.
Here at work all of our users (12,000+) have McAfee installed on their PCs.
The number one complaint from users? Ta-da, McAfee-related issues.
I find McAfee hogs an awful lot of system resources aside from not being too adept
at catching all of the latest and greatest threats. Ditto for Norton's Anti-virus application.

My toolbox, for what it's worth, consists of Avast! for anti-virus and Spybot for
catching all else. But you have got to download the latest definition databases to stay current, and protected.

Thumbs up for malawarebytes :ok:

I have to say I have been using the online version of McAfee for yonks now.

I run 3 machines and store gigs of images.
I download and upload loads of material in the course of my work.

I have only had one prob with a virus, that was when I returned from a trip and failed to download the latest update (which is normally done automatically)

McAfee is a bit hungry as you say, but in reality ,it rocks for me :D

El G.

May I ask what alternative you recommend?

Sure. I recommend the inbuilt Windows firewall.

Reasons?

1) It works with ALL the inbuilt Windows services that talk IP with each other via the loopback address, including domain services if your PC isn't standalone.
2) It only blocks inbound attacks, meaning that it doesn't need to keep a list of outbound ports and addresses.
3) as a result of #1 and #2 above, it doesn't slow down your PC at all.
4) as a result of #2 above, it's much more reliable than a firewall that maintains a list of outbound access and could therefore corrupt that list.
5) as a result of #2 above, it's not going to suffer from the biggest problem of personal firewalls - asking the end user what ports and/or programs they should allow or block. That's like asking a child whether they prefer fiscal stimulus or lowering a budget deficit to get out of a recession - you're not asking someone who knows what they're doing (most of the time). This means you're either going to block services you actually need or you're going to leave holes in your firewall that you're not going to be aware of. Both of these outcomes are, in most cases, worse than having no firewall at all (because at least with no firewall you know you're not protected).

oh, and

6) it also works with group policy which makes the life of a domain admin much easier (but that's not likely to be the home user's big USP).

:ok:

I personally wouldn't recommend AVG. My girlfriend subscribed to them and her laptop crashed. When she took it into be fixed it turned out she had trojans and viruses on the system which AVG didn't pick up. The tech guys used kaspersky and malwarebytes to remove the malware. Other people I know have had problems with AVG in the past as well.

Have you tried this removal technique?:

How to Remove W32.HLLP.Philis | eHow.com (http://www.ehow.com/how_5142705_remove-whllpphilis.html)

Seems to be a low level executable so you should not have much problem with it. It is a two part: .dll and .exe.

carholme

My defense package (open to suggestions):
Mine is

(1) Refrain from downloading, installing and running viruses.

Er, that's about it, really.

OK, so doesn't stop things that hit new exploits straight across the network , but

(2) Stealth mode router at the network boundary

does. And to make sure that it's only new exploits that even have that much of a chance I also

(3) Keep the system patched up to date.

And that really is it for most of the machines on my network. One of the kids runs AVG because it came with the machine ... but I rather suspect he's going to switch it off any day now because it's a resource hog.

There's one machine which is an exception, because it's a laptop and might be plugged into the internet by some means other than via the stealth mode router. So that has:

(4) Windows firewall. (When I remember to turn it back on, that is - obviously it's turned off in normal everyday use because, like all firewalls, it's a bit of a pain.)

(And it's also got McAfee on it, as it came with it and I've never bothered to uninstall it, but it's never detected anything, because the above layers of protection mean that nothing has ever got near enough to be detected.)

Right, now, (1) is easy enough for grown-ups, but there is a bit of a learning exercise for kids, who seem to feel the need to visit dodgy web sites, download things (games, chat applications, porno videos etc) and indulge in other unsafe practices that grown-ups find it easier to avoid. This is what worked for me:

Whenever a child's computer gets a virus, disconnect it from the internet "until you've got time" to fix it. Then fix it and reconnect. The point is that "until you've got time" goes up by a factor of two for every occurrence. Last time one of my kids got a virus it was a fortnight - so they know it'll be a month next time. That was sufficient to get the message home - the last virus was many years ago now.

For kids' computers, consider using a third-party DNS service such as OpenDNS. Once you're registered, it's easy to tell it which categories to block. As pure DNS, it's fast, too.

OK, so doesn't stop things that hit new exploits straight across the network , but

(2) Stealth mode router at the network boundary

does.

umm, you are aware that "Stealth Mode" on most routers only disables ICMP replies? It's not a panacea.

For kids' computers, consider using a third-party DNS service such as OpenDNS. Once you're registered, it's easy to tell it which categories to block. As pure DNS, it's fast, too.

I would concur with this too. It's saved a lot of my customers when their ISP's DNS servers died on them too. FWIW it's pretty inexcusable to have an ISP's DNS service die on you, but a lot of ISPs haven't got a clue how to architect robust DNS anyway (evidenced by the number of DNS servers on the same c-class subnet IP, for instance)

umm, you are aware that "Stealth Mode" on most routers only disables ICMP replies? It's not a panacea.
Sorry, I should have said "stealth mode NAT router" - it's the NAT that gives you most of the protection.

Yes I do know about ICMP, I mostly do comms software for a living. What the stealth mode might give you is that a port scanner might give up, due to lack of replies due to stealth mode, before it hits something it could use. Of course if you have no open ports through your NAT box there'll be nothing it could use anyway ...

The setup looks ok, but with a (possible) oversight: that of normally safe and kosher website that have been hacked and an exploit (usually in the form of an I frame) hidden in them. Since the web content has been invited, this will include the exploit. I've been seeing a lot of this in the security forums I visit. You can keep your own 'pooters patched, but you can't be responsible for the hosting software of all websites visited. Some of these are (apparently) easy to hack...I wouldn't know, but it happens, lots.

Most exploits run by virtue of vulnerable (unpatched or faulty) software, so keeping yours patched certainly minimizes the risk. Do you keep all the software that often comes with Windows (or is installed later) equally patched? Such as Adobe, Java, Macromedia etc?

(for a bit of a check, have a look at Secunia.com (http://www.secunia.org/) and maybe have each computer scanned by the OSI (online scanner) or the PSI (application for vulnerability monitoring.)

It definitely would not hurt to install a demand scanner and just check everything is good, say, once a week (or less), just to be sure. (It probably is. ) MalwareBytesAntiMalware is one of the better ones, these days.

A Bulgarian IT friend says McAfee is the first software that virus writers use to test their viruses. Viruses are one national export there. A French IT friend confirms.

I have Avast Free. It works well. Have never needed the paid upgrades. AVG from Lavasoft has a good reputation and so does Kaspersky. Avast seems to use fewer system resources.

Windows Defender has been a good firewall. ZoneAlarm Free worked well when I used it.

I run SpyBot to inoculate once a month.

So far so good.

If most of my translation clients did not use Microsoft Office, I would have switched to Linux and OpenOffice ages ago. Now I'm on Vista (a pompous resource hog makes me feel Al Qaida is hacking my system every time I try to connect to my ISP or run Avast but performance is not that bad) and seemed sentenced to Windows7 when my ThinkPad X61 reincarnates into something else next year.

A Bulgarian IT friend says McAfee is the first software that virus writers use to test their viruses. Viruses are one national export there. A French IT friend confirms.

I have Avast Free. It works well. Have never needed the paid upgrades. AVG from Lavasoft has a good reputation and so does Kaspersky. Avast seems to use fewer system resources.

Windows Defender has been a good firewall. ZoneAlarm Free worked well when I used it.

I run SpyBot to inoculate once a month.

So far so good.

If most of my translation clients did not use Microsoft Office, I would have switched to Linux and OpenOffice ages ago. Now I'm on Vista (a pompous resource hog makes me feel Al Qaida is hacking my system every time I try to connect to my ISP or run Avast but performance is not that bad) and seemed sentenced to Windows7 when my ThinkPad X61 reincarnates into something else next year.

Where do I start.....so much mis-information, so little time.

1) I would discount what a Bulgarian IT friend says. Unless you have a sample size of more than 30 Bulgarian IT friends your information is statistically (and probably racially!) flawed.
2) AVAST (and AVG) don't limit their functionality by number/types of viruses detected - to do so would be corporate suicide in their market.
3) Lavasoft doesn't make AVG. AVG makes AVG (used to be a Czech company called Grisoft, who have renamed themselves).
4) System resources used has as much to do with the modules within a package as the package themselves. For instance, whilst I recommend AVG (well I would, i'm an AVG licensed reseller), I wouldn't recommend you install their AVG Toolbar or AVG Active Surf Shield.
5) Windows Defender isn't a firewall.
6) Windows 7 is to Vista as chalk is to cheese :ok:

Do you keep all the software that often comes with Windows (or is installed later) equally patched? Such as Adobe, Java, Macromedia etc?

Well, some of it. The trouble with Java is that it's so flaky that you tend to need to have a particular version installed for each application, as the applications are written to the particular bugs in a particular version of the JRE, so it's not realistic to simply run only the latest patched version.

It is a bit flaky, yeah.
It's own updater doesn't seem too reliable, either, and past versions would not delete older versions installed prior, so they could sit there, being vulnerable, and (unless you were a bit techy) you wouldn't know.

The Secunia application, although not perfect/the silver bullet, does a very good job of warning of vulnerabilities in most 3rd party software, Java included.