1 2 3 Previous Next 21 Replies Latest reply on Jan 11, 2012 8:45 PM by kuttus Go to original post
      • 10. Re: Win 7 Security 2012
        exbrit

        It's unfortunate but these fake antimalware pests are becoming a real problem and antiviruses generally aren't very good at combating them, hence the need for special tools as per that BleepingComputer link.    McAfee also has some tools, see the following document for those and some recommended 3rd Party Tools (halfway down):  https://community.mcafee.com/docs/DOC-2168

         

        How you get it is anyone's guess but the usual way is you've gone to a place on the web and something asks you to click here or words to that effect.  If those links are to these malware sites then you've got hooked already.    If you are quick enough to get out of there and go into a System Restore one can usually escape but often it isn't that simple.

         

        If you don't have browser safety alert software installed already get it...McAfee SiteAdvisor is one and the other I also use is MyWoT (Web of Trust).  At least 99.9% of the time they will alert you to bad links.

         

         

         

         

         

        .

         

        Message was edited by: Ex_Brit on 07/01/12 10:58:35 EST AM
        • 11. Re: Win 7 Security 2012

          I see your posts constantly, and have gone so far as to create an account to reply to your "McAffee cannot address these problems because they are malware" etc etc

           

          3 infected systems came across my desk today, all with the exact same software, and all claiming to have up-to-date versions of McAffee. You dont seem to realize that for "End Users" (people not technically inclined such as you and me) "McAffee" IS their only protection. When a solution is marketed to offer whole PC Protection, the last thing they want to hear is "OH, no, we dont do Malware. OH no, we dont do all rootkits. OH no, we dont do Radmin exploits. OH, yes, we will give false postives on a lot of things.

           

          I gave 2 customers refunds on their software, because frankly it IS useless. No one writes traditional viruses anymore, and McAffee clearly has not kept up (nor has the "other" company)

           

          If anyone who actually works for McAffee is reading this, please work on building a more comprehensive solution before selling it to customers at 69.99 (an aditional 15 dollars for the CD)

          • 12. Re: Win 7 Security 2012
            Peacekeeper

            Point taken pointing some Mcafee staff at this post to read it.

            • 13. Re: Win 7 Security 2012

              QUOTE"You dont seem to realize that for "End Users" (people not technically inclined such as you and me) "McAffee" IS their only protection."

               

              I am that end user. I can google things and fix simple things when I have to but I was taken aback by this malware as I thought I was honestly protected by McAfee.  I had almost got my visa card out thinking that all I could do was to pay the win 7 antispyware fee. Thankfully I had another ancient pc that could show me that this was a virus.

               

              This virus certainly needs a higher profile and customers need to be warned.

               

              And I was disappointed that total protection actually wasn't.  On the plus side I found this forum.

               

              Just keeping my fingers crossed that all is OK now with this pc.

               

              Thanks.

              • 14. Re: Win 7 Security 2012

                I am sorry to here what happen to your computer. The fact is McAfee is one of the best Antivirus Available in our Market. In daily basis lots of infections are releasing in the Internet. So the users like us. (Me and U guys) also have to take some Extra care while using the Internet.  Most of the infections are coming from some free stuff from the Internet. Like Free Software's, Toolbars etc. What I recommend is not to use any such software on our computer. It is our duty yo protect our computer. So we also have to take some Extra Care.

                 

                I a, sure McAfee is protecting most of the Infections from the Internet. If a new infection released in the Internet it will take time to release a update for the same.

                 

                 

                There may be one more infection associated with it. . To check it's presence you have to do one thing.

                 

                In Windows XP

                ----------------------

                 

                Click on the start meanu and press on Run.

                Inside the Run window type CMD and press on Okay.

                In the black Command Window type

                NETSH WINSOCK RESET and hit on enter.

                 

                If you get a message

                "Sucessfully reset the Winsock Catalog.

                You must restart the machine in order to complete the reset." then you are safe.

                If not your computer is infected.

                 

                Steps - 1

                 

                Try the above steps.

                 

                Steps-2

                 

                Ping.exe is a infection. To fix this run a SIGVERIF on the compuiter. For that Click on Start Menue -> Click on Run -> Type SIGVERIF and press on Ok.

                Follow the instructions.

                 

                It will detect one infected *.sys  file. You have to replace that file from the recovery console.

                 

                The other solution to fix it is a Fresh Installation.

                 

                In Windows Vista and Windows 7

                --------------------------------------…

                 

                Click on the Start Menu and in the Search box type CMD

                At the top you can see a CMD file. Just right click on that file and select Run as

                 

                Administrator.

                 

                In the black Command Window type

                NETSH WINSOCK RESET and hit on enter.

                 

                If you get a message

                "Sucessfully reset the Winsock Catalog.

                You must restart the machine in order to complete the reset." then you are safe.

                 

                If not your computer is infected. In windows Vista and Windows 7 a successful system restore

                 

                will fix the issue. Try a system restore to a good point.

                 

                After a successful system restore try to do the same step again.

                If you got the message "Sucessfully reset the Winsock Catalog.

                You must restart the machine in order to complete the reset." your computer is safe and secure.

                 

                Message was edited by: kuttus on 1/8/12 4:34:03 AM CST
                • 15. Re: Win 7 Security 2012

                  Thank you.  Ran that and I seem to be OK, no infection.

                   

                  McAfee is now scanning so I'll wait for that to finish before restarting (found 2 viruses apparently).

                   

                  Thanks again.

                  • 16. Re: Win 7 Security 2012
                    exbrit

                    Yes it would seem that McAfee lets these things in, but then all the brands of antivirus software do, it's the way the fake antimalware pests operate.

                    For an antivirus to catch these things it would have to have its heuristic detection (detection of unknowns) set so high that practically everything on your machine could be regarded as a threat.   All antiviruses do a great job of blocking the millions of viruses, trojans and worms out there, but these fake anti-malware entities are neither.   Hence the specialist tools available for exactly that sort of thing.

                    I recommend a few, you may wish to read here:  https://community.mcafee.com/docs/DOC-2168 see 3rd Party Tools about halfway down.

                    • 17. Re: Win 7 Security 2012

                      First thing I did  yesterday after getting rid of that malware was to buy the pro version of Malwarebytes and download stinger.

                      McAfee is currently running a full scan and has found and dealt with 2 viruses apparently so far.

                      Next job, wait for scan to finish and then re-start with fingers crossed having done the netsock thing (?).

                       

                      Wish me luck :-)

                      • 18. Re: Win 7 Security 2012
                        exbrit

                        Good luck and I hope the pro version of MBAM doesn't clash with McAfee as it feasibly could...but most likely wont.   That's why I always recommend the free one.   The main difference between the two is that you have to manually update the free one each time before running it & real-time protection.  That's the part that could feasibly clash.

                         

                        Message was edited by: Ex_Brit on 08/01/12 8:32:33 EST AM
                        • 19. Re: Win 7 Security 2012

                          I have more of a question than a reply on this discussion:

                          I have just finished following all the steps and downloads using the bleeping computer removal guide for this win 7 security 2012, but I am still having trouble with the firewall on my computer.  Last night when I discovered this problem, I ran the full scan using McAfee, and it removed 2 files.  I followed this guide after researching it today and everything came out clean, except turning the firewall back on.  I am using the McAfee software, and when I turn the firewall back on, it automatically turns off a couple seconds later.  In the control panel, I get an error message that I can't  change the firewall settings back to the recommended settings.  "Windows Firewall can't change some of your settings.  Error code 0x80070424"

                          I've even re-run the McAfee scan after I completed the malware removal process.

                          any suggestions??