Just a note to let McAfee know that the ATT provided protection suite (current and up to date) did not detect the "System Repair" trojan virus. I selectively scanned the file after downloading and before attenpting to use it. McAfee gave me the ok and then diaster struck.Since variants of this virus have been around a while, it is suprising it was not caught. When can we expect protection for this?
Moved this to Malware Discussion ? Home User Assistance.
None of the major antivirus applications are very good at stopping many of these fake antimalware things that are invading the Internet. It's unfortunate I know but that's why there are specialist tools out there for that purpose.
It's explained to us that whilst antiviruses are excellent at catching literally millions of viruses, worms and trojans and are updated daily, as these fake antimalware things work through someone clicking on something no matter how insignificant, detection would have to be set so high that it would render your machine basically useless in no time at all.
There is an excellent removal guide for this here: http://www.bleepingcomputer.com/virus-removal/remove-system-repair - scroll down that page as the first links you see are advertising.
McAfee has some tools available and they are listed here along with some good 3rd party tools: https://community.mcafee.com/docs/DOC-2168
The trojan came from some trial software. The site was noted a safe by McAfee site advisor. The file was downloaded via our MAC computer and stored in shared folder on the MAC. I accessed this folder from my PC and scanned it with McAfee (while it still resided on the MAC) from the PC (I did not execute the file). Nothing was found so I transfered teh file to the PC and proceeded with the install.
I made a good attempt to be careful and sniff out problems. I was surprised that a scan by McAfee did not catch it.
How did I go wrong?
I don't think you went wrong but it does show that MAC's can be vulnerable too. The SiteAdvisor rating system can't always be totally up to date as it's under constant review.