Why didn't Mcafee pick up this spyware when all of Mcafee scanning devices were on ? It won't let me get online,open any programs, just tells me I need to buy their spyware protection. I know it is a "Fake Alert" . I was able to get in and online logged in as administrator and run Mcafee stinger. but it hasn't found anything and it has been running for over an hour. This happened in my wife's laptop running Windows Vista. The "spyware Scan" said I have the W32.Blaster.worm HELP!!!!!!!!!!!!!!!!!!!!!!
Solved! Go to Solution.
I probably over reacted BUT I was pissed that I couldn't do somethig as simple email Mcafee a Question. This time or the last. Glad I finaly found You on this forum to answer and help me. I still think its terable that I can't even get Mcafee an email to express my dishearted, But I am glad you listened and answered.
Thanks for the direction to fix my problem.
Update your dat files and scan your PC with Virusscan in Safe Mode.
To do this, tap F8 repeatedly while booting up. You'll get a boot screen with choices. Pick Safe Mode. Your PC will boot in a low resolution state as most processes won't be running. Go to "My Computer" (XP) or "Computer" (Vista), right-click the hard drive and select "Scan" from the drop-down menu. You'll see an extra taskbar icon which will show a progress report if you hover over it.
If you think you have a virus infection on your PC do one or both of the following :
- Run the free Mcafee Stinger program from http://vil.nai.com/vil/stinger/ - ( ok done this)
set it to Report Mode (in Preferences) and post the logs of anything it detects.
- Join the McAfee Getsusp group at https://community.mcafee.com/groups/getsusp30-beta-feedback
You will have to ask there for Getsusp, which is a Beta program and not yet on general release.
Before you use Getsusp, you should go to this document
and download the PDF file explaining what Getsusp is and how it works, and this document
which downloads the installation guide PDF document.
If you want a second opinion, or to be on the safe side, then you can do a scan with the free versions of these tools :
If you already have Malwarebytes installed, the virus could be protecting itself against it. In that case, in order to get Malwarebytes running you'll need to rename the executable. Open the C:\Program Files\Malwarebytes Antimalware folder, then rename the "mbam.exe" file and double-click directly on the file to open the program. After updating the program, run a full system scan using Malwarebytes.
Make sure both programs are updated to the latest versions before running them and let them clean anything they find.
Your apparent problem is this "W32.Blaster.worm" but in fact that is a red herring. Unless you haven't been installing any McAfee or Microsoft updates for the past seven years, you are protected against this - unless a brand-new variant is suddenly on the loose, in which case a lot of people would be shouting about it by now.
McAfee knows it as W32/Lovsan.worm.gen and protection against it has been available since well before June 2004 (the latest known variant).
Microsoft began to put measures in place to protect users back in August 2003 : see http://support.microsoft.com/kb/826955, last updated October 2010.
You imply that the message about the Blaster worm is being produced by some kind of fake anti-virus program. It would help us to know how to get rid of it if you could tell us which fake program this is. McAfee probably won't be able to do much about it if it's a fairly new one, but there are other tools that you could use. You do though need to be connected to the internet to download the tools. Can you safely get online from the Vista laptop? If not, you'll have to download onto a USB device, rename the executable, and run it from that.
Or you could just do a System Restore and go back to some point where you're confident this infection had not yet appeared.Message was edited by: Hayton on 13/02/11 00:18:41 GMT
You aren't alone - here's a thread from BleepingComputer forums with someone reporting the same issue. Without a name of the fake anti-malware software it is hit and miss on what exactly may or may not work.
But Blaster itself should never be a problem in any up to date computer (Windows Updates as well as McAfee) as it's been on the books for years.Message was edited by: Ex_Brit on 13/02/11 3:53:00 EST PM
All of my software WAS uptodate. Mcafee PISSES me off by not catching things like this.What do you get for $50.00 a year? NOTHING!!! No support at all! I did get the problem fixed after about 5 hours of work. I have had Mcafee for about 15 years, but without anyway to email or get in touch with them without PAYING AGAIN EXTRA, this will be the last time I renew with them.
The up to date remark was directed at the real blaster.worm which in this case, it isn't. Most antivirus application have a really hard time detecting these fake anti-malware applications, so don't think McAfee is the only one that wouldn't stop it.
That's why there are such things as Malwarebytes free, which in turn would most likely have a hard time stopping the millions of other infections that McAfee and othe A/V's do stop.
No support at all!
I disagree, what do you call this thread?Message was edited by: Ex_Brit on 13/02/11 9:06:06 EST PM
So I should use FREE MALWARE. A free program will do a better job? I'm confused!!! I've had problems with Mcafee last fall and had to pay an extra $35.00 for them to tell me they still had my old computers on file and would not update me anmore untill I paid for more copies. I know this don't have anything to do with this issue but I'm disgusted!!! Thats why I would like to see a little free advice
You just got free advice, would you rather we ignore you and just let you carry on complaining? It's not free malware, it's free anti-malware and is one of many tools we can recommend, but as I say, if you'd rather not then it's your choice. There are plenty of other people we could be assisting and lots of other things we could be doing.
Don't forget these forums are peer-to peer support mainly, so we are users like yourself, just volunteering.Message was edited by: Ex_Brit on 14/02/11 7:19:53 EST AM
jimrobmg, your original message was headed "W32.Blaster.Worm". You did not tell us what was the fake program which produced this message. You say it is now fixed : good. We pointed you towards tried and trusted methods for dealing with rogue software. Malwarebytes specialise in removing these, and leave the business of virus-detection (the heavy-duty stuff) to McAfee to deal with. McAfee picks up and deals with some rogue software, but not all, and Malwarebytes in any case tends to get there first. If you were thinking that any of McAfee's competitors would have detected and removed whatever it was you had on your system - and we still don't know what that was - you are welcome to go and peruse their forums, where you will find exactly the same complaints being made about failures to detect rogue and fake software.
We did the best job we could to try and help you. If you feel we could or should have done differently, well, you are entitled to your opinion.