1 2 3 Previous Next 22 Replies Latest reply on Apr 9, 2013 4:23 PM by exbrit

    Metropolitan Police Virus (ukash)

    ukyank66

      Very disappointed to not find anymention of this virus in the virus search. My daughter got this virus and wehad to download Malware Bytes to remove it. Bit shocking of McAfee, or am Iexpecting too much of the product and the company?

        • 1. Re: Metropolitan Police Virus (ukash)
          exbrit

          These fake anti-malware pests defeat most antivirus software because of the grey area regarding the way they work but there are tools apart from Malwarebytes (the free version of which I always recommens as it's a great supplement to any antivirus) - McAfee has Stinger and there are others too, see this page:  https://community.mcafee.com/docs/DOC-2168

          • 2. Re: Metropolitan Police Virus (ukash)

            Got infected with this today. Today, nine days after your post. This virus has been going around for weeks now if not months. Malware bytes is free, not £29 a year subscription. Free.

             

            So it's simple question; when are Mcafee going to update the "Total protection" that I paid for and stop this obnoxious virus infecting my PC in the first place ?

            • 3. Re: Metropolitan Police Virus (ukash)
              exbrit

              See my previous post, these things escape most antivirus applications because of their nature.

              • 4. Re: Metropolitan Police Virus (ukash)

                That's a cop out, and implies that "Total protection" is less than the truth and that they know it.

                 

                All the advice on this virus seems to point to utilities that are free. So I ask again, when are McAfee going to aknowledge that there is a problem with these viruses and at least add a removal tool to "Stinger" or was my £29 a waste of money?

                • 5. Re: Metropolitan Police Virus (ukash)

                  Hello

                   

                  "Total Security" implies that your getting more than just an antivirus, you also have a firewall, parental controls, ant-spam ect...

                   

                  The reason Malwarebytes is is more proficient in dealing with these kinds of threats is due to the smaller sample set they add to their database. This allows Malwarebytes to add definitions quicker to their database, since they have a smaller set to analyse, most antivirus vendors can receive up to 70,000+ samples per day - and there is only about 400 virus analysts working in this field.

                   

                  How can Mcafee or any other vendor create a removal tool if they do not have a sample for that variant? You cannot create one out of thin air! If you are infected and you can, send the sample(s) to the lab. All vendors are playing catchup, it can take generally from 1hr to several days for samples to be added to any vendors database - in some cases several months - and some samples get missed for whatever reason.

                   

                  It`s also up to users to take steps to secure their pc/laptops/smartphones ect as well ;an antivirus is a stop gap at best. There are plenty of resources on the internet on how to do this, if users did follow this practice, the amount of users becoming infected would fall substantially. I have visited plenty of infected sites over the years- and due to the information i have obtained from others and put into practice- i do not get infected.

                   

                  on 29/03/12 10:45:07 IST
                  • 6. Re: Metropolitan Police Virus (ukash)
                    exbrit

                    Thank you Paullotion,

                     

                    It was also explained to us Moderators by the manager of the McAfee Labs who put out the antivirus side of the product that in order to catch all these fake anti-malware pests, the heuristic detection engine (detection for unknonwns) would have to be cranked up so high that your machine would most likely end up in a non-workable state because VirusScan would start finding issues with just about everything on your machine.

                     

                    If you read any independent anti-malware forum, BleepingComputer, Aumha, Malwarebytes etc. etc., there are dozens of them, you'll see that any antivirus is the same, hence the necessity to have one or two extra tools handy just in case.

                    A quote from one of the lead developers of MalwareBytes (Bruce Harrison):

                    As far as why MBAM is very good at dealing with this infection, that is simple. MBAM is designed to be very good at dealing with malware that the AV's seem to be having problems with. I do not spend my time making MBAM detect millions of infections that any decent AV already detects as MBAM is DESIGNED to work alongside antivirus software, not replace it.  A huge chunk of the research that goes into MBAM revolves around what we see making it into HiJackThis threads as the vast majority of these threads involve antivirus software that was in some way bypassed.

                    Lets settle this now and avoid any further misinformation. MBAM is now a very good backup to any antivirus software and will only get better in the future. MBAM will NEVER add antivirus abilities to its core app and is always advised to be used WITH antivirus software. We actually get this question a lot in the forums and I assure you that we always say : "No, MBAM can't replace your existing antivirus software and is not designed to."

                     

                    I recommend a few here:  https://community.mcafee.com/docs/DOC-2168

                     

                    also....

                     

                    How to Submit a Virus or Malware Sample

                     

                    Message was edited by: Ex_Brit on 29/03/12 6:15:06 EDT AM
                    • 7. Re: Metropolitan Police Virus (ukash)

                      "The reason Malwarebytes is is more proficient in dealing with these kinds of threats is due to the smaller sample set they add to their database"

                       

                      So why can't Mcaffe do it, if it is such a small data set? Sorry but you are just another apologist for a service that is below par. As for "send us a sample" well unfortunately I don't know how to do this: How do I find an unknown file on my PC?

                       

                      After a full system restore to gain control of my PC I doubt that it remains, Three scans with McAfee, Malwarebytes and one other free utility have failed to find any trace.

                       

                      I am not a professional IT manager, programmer or network manager, so without that expertise I have to rely on an anti virus protection and  back up my files regularly just in case. I am just a home PC user paying good money for anti virus, only to be infected by the same virus twice in a period of two months.

                       

                      Your post falls perilously close to blaming the customer, which is not a good stance for a company to take, are you writing on behalf of the company?

                       

                      Or is this a forum where no criticism of the company is allowed?

                      • 8. Re: Metropolitan Police Virus (ukash)

                        Oh and the Police Ukash virus is not a "Fake-malware pest" it does not claim to cure anything. Are we talking about the same virus, it would seem not?

                        • 9. Re: Metropolitan Police Virus (ukash)
                          exbrit

                          I was covering the bases not covered by Paullotion and expanding on why antiviruses generally sometimes don't detect certain things.   I also published a link on how to submit something to the labs if you think it should be detected.

                           

                          By the way, it is in the same class as most of the other Fake Antimalware.

                           

                           

                           

                           

                           

                          Message was edited by: Ex_Brit on 29/03/12 6:59:05 EDT AM
                          1 2 3 Previous Next