Just a note to Mcafee users - this program is completely ineffective against the rogue trojan Win 7 antispyware 2012. Not only was Mcafee incapable of finding the virus when I was infected, but a full system scan was unable to detect it.
This virus would open up a fake virus scan page attempting to get me to scan my computer, pay money or enter in financial information anytime that I opened any exe including a browser window. The file would open in my task manager as btr.exe *32 and I could force close the program after opening an .exe in adminstrator mode and that would then allow me to access any programs or downloads that I needed to.
After contacting McAfee I was informed that the only way they could help me would be to pay $89.95.
Instead, I downloaded Malwarebytes for free and used that program to quickly and effectively remove the virus - again, for free.
I think that Mcafee should be embarassed that a program such as malwarebytes with such comparably limited resources was able to solve my problem where Mcafee refused to. It's very obvious that Mcafee is far more concerned about my $90 than they are about protecting my computer. It's obvious that this is a problem that Mcafee could easily enable users to solve themselves just as Malwaybytes had, but then again, how ever would Mcafee pay the rent if they let me do that?
Suffice it to say, I will be uninstalling Mcafee as I have wanted to for some time - and will most definitely be paying the $24.95 to Malwayebytes for their very helpful shareware program. Between malwarebytes and AVG, I'm certain I'll be better protected than I ever was with Mcafee.
· ...from one of the lead developers of MalwareBytes (Bruce Harrison) :
As far as why MBAMis very good at dealing with this infection, that is simple.MBAM is designed to be very good at dealing with malware that the AVs seem tobe having problems with. I do not spend my time making MBAM detect millions ofinfectionsthat any decent AV already detects as MBAM is DESIGNED to work alongside antivirus software, not replace it. A huge chunk of the research that goes into MBAM revolves around what we see making it into HJT threads as the vast majority of these threads involve antivirus software that was in some waybypassed.
Lets settle this now and avoid any further misinformation. MBAM is now a very good backup to any antivirus software and will only get better in the future.MBAM will NEVER add antivirus abilities to itscore app and is always advised to be used WITH antivirus software. We actually get this question a lot in the forums and I assure you that we always say :
"No, MBAM can't replace your existing antivirus software and is not designed to."
And did AVG detect it? Fake AVs are hard to detect by the main line AVs. Some pick up some and others other ones, MWB is designed for such detections.
I can understand your disappointment but Malwarebytes can't replace antivirus software. Why? Because it is mainly designed to detect rogue software, adware and similar infections. Win 7 Antispyware 2012 is not a virus or money stealing trojan, it's a low level threat. It would be a lot worse if McAfee missed banking trojan or a virus. Besides, rogue AVs are easy to remove, especially if you use Malwarebytes or similar malware removal tools. There are also removal guides made for users who can't delete rogue AVs for some reasons:
Rogue antivirus applicatios are hard to detect, they are repacked very often. It doesn't matter if you use McAfee or AVG or any orher antivirus product, there is always a chance that you will end up with a rogue antivirus software. For example, there is another rogue called Security Shield. Cyber crooks have changed the graphical user interface and repacked it. Detection rate 8 /42 (19.0%), only few were actually able to detect it. McAfee was able to detect it.
Message was edited by: techrumy on 6/15/11 3:48:56 PM CDT
Last nite my desktop was taken hostage by Win 7 Antivirus 2012 and dug itself in so deep that Malwarebytes and other attempts to remove it have been ineffective. Right now I'm now waiting for a local geek service to rescue me ($100 minimum charge). The McAfee support guy in India said they could do nothing for me except sell me a removal tool for $89.95. (The link to the "stinger" tool he emailed me did not work.) My question is: am I naive to think that the McAfee "Total Protection" service I've been paying for for the past 7 years should actually be protecting me from rouge malware such as this? It's not actually "total" protection? Does McAfee take no responsiibility for failing to stop it? What's the purpose of automatic updates and daily automatic scans? So I have to pay an additional $24.99 or whatever to protect me from future rogue antivirus applications? Did I not read the fine print? What am I missing here?
Have you read through the other posts in this thread, especially the last one before yours?
Fake AV programs often target machines with unpatched applications (Java, Flash, Reader are favourites) so make sure everything's kept up to date, not just Microsoft programs.
What Support was offering you was a session of paid-for malware cleaning, which for a Fake AV infection isn't usually necessary. We can often point you towards self-help options, and the advice is free.
I'm a total newbie on this so can you guys help me out??? Son's computer got hit with the Win 7 Antispyware 2012 last night too.
I think I have it cleaned out with Mcafee, but... It has totally knocked me out from getting on the internet. He did not have MalwareBytes installed yet and I tried to move it form another computer to his, but that's not working either. (I could be doing that wrong too.)
He is using Firefox... but when he tries to open up Firefox... the screen come up on Windows 7... Open With.... Choose the program you want to use to open this file.... firefox.exe
Windows media center. WHAT???
Same thing happens when I try to open up IE.
Thanks for you help.... I'm going to need it to get this working again.
I was up all night last night fighting to regain control of my computer after being infected with Win 7 Antispyware 2012, a name I will never forget the rest of my life. It simply takes over and eludes every counter measure. Prevents system restores, web web access, can't be shredded, can't be pinned down, can't be quarentined or moved, deleted, etc. McAfee is normally reliable in my experience but along with every other malware detection and removal application mentioned on all the boards on this topic, this latest version of this monster malware rendered them useless since they weren't allowed to download and fight it out on even turf. I finally found a website www.pcrisk.com/removal-guides/6483-remove-win-7-anitvirus-2012 that provided a registration code to enter 3425-814615-3990. The secret is in letting the malware in just a little more and regaining just enough access to your computer that removal applications could be downloaded and have a fair fight. This code entered precisely as the screenshots show on the link above tricks the monster program into thinking you're either buying or have already purchased it (not sure which). This unseizes your computer and allows access to the internet where you can download malwarebytes, PC Doctor, and others (I did them all including the $30 for PC Doctor) and run them to track down and eventually catch and catch again (the malware seems to move around and fight every step of the way) and finally remove. There will be damage though. My 13 month old Dell running Windows 7 wouldn't quite return to normal as I kept getting an error message that McAfee's firewall was not on - nor would it stay on when I hit the on button. According to McAfee support, Windows Firewall works in tandem with McAfee's firewall. Thus some people on discussion boards who are wrestling with this damage have said in recent days that McAfee said "talk to Microsoft" and others are saying Microsoft said "talk to McAfee." McAfee support determined that my Microsoft Firewall was damaged as I kept getting error messages when they instructed me to adjust Microsoft Firewall settings (apparently this same damage prevented McAfee support from remoting in during our email chat). I could find no way to fix this and final Microsoft/McAfee firewall coordination coordination issue. Others in the exact same situation on other boards in recent days are still wrestling with this remaining issue. However, I effectively solved it by saving my recent work product and then doing a simple system "restore" within the Windows button and going back a few days to my last hard drive snapshot and restoring. Now things are perfect and if I ever find those behind Win 7 Antispyware 2012 I will kill them. ##
You need to follow the clean up techrumy above posted that from bleping computer it has the fix for exe files not being associated correctly.
You can also try the stinger fake alert program
Thanks for you reply Shogun rua..... I will have to try the site you mentioned. Tonight... I have to go to work now. I hope their instructions are simple..LOL This tech stuff is way over my head.
Thank you also Tony.... I went to Bleeping computers site last night.... followed their instruction... till I got to the "Downlaod link to RKILL" and that link caused Mcafee to say it was infected with a Trojan. Got out of there is a hurry because I was doing this with another computer and transfering the files over with a USB cruzer. So I was able to get most of the control of the computer back, but I can't get on the internet here with that computer. (It's not configured for this internet set up and I was in no mood to do anymore last night)
I will be back if I can't get it accomplished.