I would like to express my disenchantment with McAfee product.
I had McAfee Internet Security installed on my laptop. Before its expiry, I purchased 3 licences of the 2010 Total security for my other laptop that I recently come to possess and for my existing laptop (the other license is for spare).
Recently I have a trojan/virus/malware (not sure which species) attack despite having a McAfee Internet security. I knew my laptop was infected because McAffe warned me to the effect that my pc has been compromised. Further i received a popup message that states some components of McAfee (exe file) encountered problems and has to be aborted. Running a full scan hangs McAfee. I resorted to restoring my system drive using a backup image which I created before my laptop was infected and works fine as a temporary solution.
I tried to disinfect and reinstalled with the Total Security that i recently purchased based upon the instructions McAfee conveyed to me (i.e. using Stinger and McAfee removal tool). However after a few attempts, I could not bring my system back to normal (as described later in the list below the problems I faced). I informed McAfee about my failed attempts and they remotely accessed my laptop to remove the threat and reinstalled McAffee. However, after restarting my laptop (i.e. after the disinfection process and reinstallation of McAfee vide remote access by the McAfee technician), I experienced similar incidences when i personally disinfect and reinstalled McAffee i.e.
# I noticed that the laptop has difficulty making wifi connection (as indicated from the wifi icon on the task bar) and thus I cannot go on line.
# My windows was not running properly and hangs frequently. For example I could not open My Computer and Network Folders or it hangs upon accessing them.
# Upon shutting down, the laptop displays a lot of "ending program....." messages appeared and does not shut down immediately / it hanged. I had to do a hard shutdown.
I informed McAfee about the matter. Initially they thought it was a windows problem or a problem with the internet service provider.
However upon mentioning to them that the "ending program..." messages upon shutting down includes ending "dll" and "explorer" components messages, the McAfee technician immediately suspected that a trojan had replicated my dll and exe files and he directed me to take some initial steps through the phone to restore my wifi for him to remotely access my laptop.
His preliminary actions has returned my laptop to working order with the reinstalled McAfee at that instant. Howver I have refrained from using the laptop as the technician shall continue working on my laptop tomorrow.
Coincidently my other laptop experience more or less similar problems. The main difference is that there was no message explicitly indicating that the laptop was infected. However I received frequent popup messages indicating that McShield has encountered problems and had to be closed. Running a full scan hangs McAfee and upon cleaning using Stinger, removaland reinstallation of McAfee causes the laptop to hang and so forth. However that laptop can maintain internet connection. I did not resort McAfee further assistance with that laptop as I decided replace its hard disc with a bigger capacity.
I can't help pondering the effectiveness of McAfee product especially after buying 3 licences of its highest end product (Total Security) and both laptops of mine were more or less simultaneously attacked.
If McAfee is reading the above, I am interested to know your comments.
Sorry for the inconvenience caused and I understand that you have spent a lot of time and effort because of this. The term Zero-Day Attack refers to new types of threats and malware that are released before any security software vendor is aware of them and has time to add detections and proactive protection. To protect you from a virus or other malware, your security software must recognize some piece of the code used to carry out the attack.
McAfee's Virus Research team is constantly updating its library of 'known' viruses and spyware. At the core of McAfee software is something called 'heuristic' protection...which looks for suspect behavior by any program or file. Even so, the constantly-changing nature of viruses and their different variants makes 100% security impossibility, with any anti-virus software. It is for this reason that McAfee recommends multiple methods of protection to prevent Zero-Day attacks.
The research engineers at McAfee are doing their best on researching the new variants of viruses & malwares and add them to our database.