cancel
Showing results for 
Search instead for 
Did you mean: 
Greens
Level 9
Report Inappropriate Content
Message 1 of 4

Rogue Software and Vundo

Last Friday my computer got infected with Rogue Software and Vundo. It took 3 days and 4 phone calls to McAfee support and I THINK the bugs are gone. My question is, how in the world am I getting infected with these bugs when my MacAfee is a current version, up to date, and always running in the background? I'm running Windows XP MCE, all up to date with the windows updater and SP3. I,m using IE 7. I have the whole McAfee security suite and the virus scanner is version 12.1. The whole suite is all up to date with the engines and dat files. In this case, the bugs came from a website my son visited. He swears up and down that he wasn't downloading anything.

I went through 4 techs who all swore that my system was clean after they took over it remotely and did their thing. After the first one, I even went on line a bit while they watched to see if all was well and it seemed ok until I hung up. The bugs must have been deeply hidden and self-replicating.

Thanks for any advice or comments.
3 Replies
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 2 of 4

RE: Rogue Software and Vundo

Accidents will happen. It's so easy to click on the wrong thing and there is no such thing as the perfect protection software. Especially with entities like Vundo, new variants of which appear almost by the hour.

We recommend that people keep some extra anti-spyware tools around and updated, just in case &, if they are downloading or file sharing a lot, expect the odd glitch.

Read here: http://community.mcafee.com/showthread.php?t=136913 for suggested (free) anti-spyware and other hints.
Also here for prevention tips: http://community.mcafee.com/showthread.php?t=227819

RE: Rogue Software and Vundo

Ex_Brit - I have to disagree....why can Kaspersky then be able to detect these variants when Mcafee cannot. We have deployed mcafee to 600 workstations in the last month - not much, but growing to about 2000 - problem is we are only now picking up on Mcafee's issues - one of our other clients has informed us that Mcafee does not pickup the Win32.autorun variant when usb sticks are plugged, but when plugged in machine with kaspersky it detects immediatelly.
I have also noticed it does not pickup the w32.krap.k variant from the systemguard2009.exe malware - i uploaded this to webimmune and it "has been passed on to a researcher" . our clients are paying for a service they are not receiving. We will probably be moving away from mcafee at our current customers as there is no shortcuts wrt cost when it comes to virus threats - if other vendors can do it so can mcafee - but seems not the case.

BTW Greens - I feel your pain - we had a similiar issue with the vundo variant - only 2 or 3 users from customers running mcafee was infected! All of the users had to be reformatted to be sure - the customers have all decided to opt for another vendor.
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 4 of 4

RE: Rogue Software and Vundo

I am sure that there lots of things that McAfee catches that Kaspersky doesn't & vice versa. Ask any independent malware forum that question and they will confirm it.

As I keep saying, there is no such thing as the perfect protection software.

If you are deploying software on so many machines I would hope that it is the Enterprise product you are using, which works differently from the home products as it is specifically designed for that environment.

Enterprise has its own support section under "Desktop & Server" in the Corporate section of the main page of these forums, near the bottom. I can't answer for those products I'm sorry.
Member Rewards
McAfee Community rewards active and helpful members just like you. Click here to take a look at the first community members who received a special reward and were recognized by McAfee leader, Aneel Jaeel, for their participation and trusted knowledge in the community.