I'm running McAfee Total Protection with real-time scanning on full time and I don't visit web sites that are marked as questionable by McAfee SiteAdvisor but, last week I'm infected by the "Vista Recovery" malware. It was a major bad infection that stopped me from running both the McAfee scanner and MalwareBytes scans. I kept getting all these crazy pop-ups and most of my files had disappeared! To add insult to injury, while all these notices from "Vista Recovery" are popping up McAfee tells me that it's just removed two trojans and my system is now "safe"! Talk about "dumb, fat, and happy!" McAfee might have been but I sure wasn't--at least I was not happy.
I ended up pulling the hard drive out of the system and hooking it to another computer and when I ran Malware Bytes on it I managed to get rid of the malware. I then ran McAfee and it "found" more trojans. I then ran "unhide" and got most of my files unhidden. I don't think that I've got a completely clean system but it's working for now. I'll probably just trash the system, start over, and restore the important stuff from the backup.
Anyhow, now I'm trying to figure out what I did wrong to get the malware in the first place. Also, I'm running real-time scanning full time but when McAfee does it's scheduled scan it sometimes teports that it's found a trojan or two! If real-tim scanning is on how in the heck do the trojans get on the system? I'm running McAfee Total Protection on six different computers and if it's not going to protect me I guess that I'm wasting my money on it.
Anybody have any suggestions on what else I could do to protect my system? I'm running MS Vista on the computer in question and I keep the operating system and all other software updated.
Moved to Malware Discussion > Home User Assistance.
From what I'm reading about these fake antimalware pests one has only to land on a certain web page to run the risk of catching them. In the early days they had to be clicked on in order for anything to activate but now simple exposure to the page they're on can trigger them.
This really isn't the best spot to ask questions about them however, as McAfee, like most of the major antivirus applications, is trying to catch up with these things and not very successfully, yet.
You might be best asking about it on Malwarebytes own forums perhaps, or Bleeping Computer.
There is a removal guide for it is here: http://www.bleepingcomputer.com/virus-removal/remove-windows-vista-recovery
Thanks for the reply! As I said, I did get things removed somewhat (used both sites you mentioned) but my real question is how the heck did I get infected to begin with. Again. I only visit sites that have been okayed by McAfee SiteAdvisor. Also, even more worrisome is the fact that scans keep finding trojans even though I have real-time scanning on. If McAfee isn't going to protect me from their getting on my system to begin with what should I do to protect myself? Waiting for the scheduled scan to find them isn't acceptable to me.
Do you file share, or download a lot of torrents? Both can be risky if the sources aren't reliable. I keep extra anti-malware software on hand just in case and most importantly keep Windows totally up to date at all times.
That is something I trust you are doing also. There are a few tools I recommend here: https://community.mcafee.com/docs/DOC-2168
Thanks, again, for the reply! I live a pretty boring life so I haven't shared a file or downloaded a torrent in years and I took my torrent software off the computer well over a year ago. Windows is updated automatically so I should be okay there. I just looked at the link you provided and I'll keep that in mind. Thanks, again.
OK, good luck. It might be useful to do the Hijackthis routine suggested on that link. One of those specialist forums may have some advice to give.