Folder AVG Forums » Other topics » Virus Removal, Tools for Removing » Device mfeavfk01.sys Hidden Driver Object Is Hidden
July 1, 2012 11:48 Device mfeavfk01.sys Hidden Driver Object Is Hidden #211260
Reply with Quote | Quick Reply | Top
carolquirey

Avatar

Novice
Join Date: 1.7.2012
Posts: 1
Trying to get rid of rootkit device/mfeavfk01.sys. Driver object is hidden and AVG cannot automatically fix. Having looked at threads similar to this I have compiled a zipped folder of the logs which you need to analyse this specific problem. I have attached to this thread post.
July 1, 2012 18:29 Re: Device mfeavfk01.sys Hidden Driver Object Is Hidden #211281
Reply with Quote | Quick Reply | Top
Gary Bee

Avatar

Novice
Join Date: 29.7.2010
Posts: 296
Hi Carolquirey.

This device is a leftover from a previous McAfee installation, see this Thread from last year. The link to McAfee in that thread has been taken down (but did not sound too useful). Another McAfee Site thread from a couple of months ago, indicates this is a Broken Registry entry (ref'd file does not exist), but the thread does not come to solution as to how to remove it. McAfee staff never responded.

The AVG Log Entry:
Rootkits
;"File";"Infection";"Result"
;"\Device\mfeavfk01.sys";"Hidden driver";"Object is hidden"

Does not indicate this is from the Registry (but the Rootkit indications are not clear in cases of detections in Memory).
Hopefully, AVG will respond and let us know what exactly this detection is, and suggest a solution.

In the mean time, do you have one of the Registry Cleaner Utilities? They will normally remove any entries when the referenced File is Not Found.


Helping People Not Get Stung Since 1970
A V C © - Almost Very Clever
[which implies some cleverness, but staying humble (or is that bumble)]
Gary

Farewell Štefan Németh, Thank You for all your help.
July 4, 2012 13:59 Re: Device mfeavfk01.sys Hidden Driver Object Is Hidden #211563
Reply with Quote | Quick Reply | Top
jirka82

Avatar

Administrator
Join Date: 19.6.2009
Posts: 3892
Hello carolquirey,

As mentioned by Gary Bee, the driver belongs to McAfee software. It is not recommended running multiple resident security software simultaneously as described here. If the McAfee has not been removed yet, we recommend uninstalling it using usual means. If there are only remnants of the software we recommend uninstalling them using MCPR.exe as described here.
Should you face any trouble removing remnants of McAfee drivers, please contact McAfee customer support for further guidance.

Thank you.



AVG Team
How-To articles | FAQ | Free Support