1 of 1 people found this helpful
No ... they refuse to acknowledge it at this point. I had to purchase another program to remove it after three complete McAfee scans would not pick it up. This is a very nasty one too and McAfee should be ashamed of missing it when a simple program like Hitman Pro will take care of it easily. My system had the following virus issues thanks to McAfee:
DMIO.sys - Rootkit
Update.exe - Malware
CBF.tmp - Trojan
Moved to Corporate User Assistance for better attention.
It's not unusual as no antivirus on the market is perfect or works for 100% of what's out there. There is a submission process for unknowns: WebImmune
There is usally a free program out there that will catch these things, no need to purchase anything, you just have to do a bit of searching and research.
Message was edited by: Ex_Brit to place the correct slash in the infection title.
Well ... not being perfect is one thing, but intentionally missing a known virus and refusing to acknowledge it in order to upsell customers to their $89 removal program is dispicable.
They absolutely are aware of this virus, but have so far refused to update their programs to include it.
Several simple programs like Hitman Pro can do it though.
The BBB is aware that McAfee may be intentionally upselling this way.
Well this must be a different one from what I found in my research and as I stated earlier submit it to Webimmune and if rejected reply to the email disputing their findings.
Per http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Vir us%3aWin32%2fAlureon.H it is known by McAfee as Patched-SYSfile.d and is removable.
Google that name to see what I mean.
No virus scanner 'deliberately ignores' anything but can slip up on variations of a known infection and that's where the submission process is important.
As of yesterday, 08/03/10 their updated dat 7/28/10 does not yet pick this one up no matter what alias they call it. It can be an especially nasty one and it is already wide-spread.
The reason why Hitman Pro detected it and Mcafee did not, is possibly due to the fact that Hitman Pro uses five vendors engines, they being- A-squared, Avira, G-Data, Nod32 and Prevx.
The latest verson of this rootkit is only detected by one vendor, and that being a heuristic one. Antivirus programmes are a last line of defence, not a first. The first line of defence is the user.