3 Replies Latest reply on May 3, 2011 7:55 PM by Hayton

    Can I trust McAffee to keep me secure?

      Just spent 2 days sorting out a problem which was completely missed by "Internet Security". My online banking was blocked because I had a virus. When I ran a scan on McAffee it reported OK then ran Spybot which found ProData.DoctorKeylogger .  I keep definitions updated and scan weekly, so why did this manage to sit there unreported by McAffee?

        • 1. Re: Can I trust McAffee to keep me secure?
          ConorD62

          Keyloggers hide in files very quietly,

           

          Most Anti Viruses have trouble to detect them because they are so quiet,

           

          Whilst Anti Malware programs find them easiler, because they are trained to do that..

           

          Keyloggers are classed as Malware Trojans, Anti Malware programs are trained in Malware, and not in Viruses.

           

          on 04/05/11 7:09:53 EDT AM
          • 2. Re: Can I trust McAffee to keep me secure?

            Hi Paul, As with any other security program it is always a good idea to keep a program like Malwarebytes on hand for a second opinion.Keep it up to date and scan with it Maybe every 2 weeks or less.Unless you feel like your computer is not running properly.If your extra security minded you could also try spywareblaster also.This is not a scanner.But helps protect your home page and host files.It is also a pretty light program.Malwarebytes is a great free program.As is spywareblaster.You can download them from here.I also noticed Mcafee has problem with Spybot.Not sure what that is about.But here is the page.

             

            https://community.mcafee.com/docs/DOC-2168

            • 3. Re: Can I trust McAffee to keep me secure?
              Hayton

              Conor is right, and so is Newjack. McAfee would not necessarily detect this Keylogger as a virus nor as a Trojan. Keyloggers are highly undesirable, and in most cases finding one on your system would be an indicator that you have a malware infection - which McAfee ought to detect. I don't know how your online banking connection detected the presence of a "virus", but something obviously wasn't right with your connection to their system.

               

              This keylogger is sold openly by Pro Data Doctor (prodatadoctor-dot-com) - a company with a green SiteAdvisor rating but a poor reputation according to WOT. Their server is located in Oxnard, Ca., between LA and Santa Barbara (according to Utrace) or in Montreal, Canada (according to ChromeFlag); their site gives no contact details except an email address and their Privacy Policy is in the form of a Flash document, which Chrome (thankfully) blocks.

               

              The website boasts of this nasty piece of work that it

              records all typed keystrokes such as typed e-mail, passwords, chat conversation, URLs, text documents and generate detailed report of recorded data that can be secretly sent to user defined email accounts. Safe and secure key logger utility traces all typed keyboard activities in efficient manner when you are away. Invisible keylogger software works as background process and remains hidden in Desktop items, Add/Remove program list and even from installation folder path.

               

              You were right to be concerned at finding it on your system.

               

              McAfee should, I think, have detected this and quarantined it as - at the very least - a Potentially Undesirable Program. The other programs mentioned are invaluable backups to an antivirus program, and everyone should have them installed and kept up to date, and run them once a week for peace of mind. Malwarebytes, SuperAntiSpyware and Spybot between them (yes, there are others, but these three I know and use) should pick up and deal with just about everything that McAfee misses or chooses not to deal with.

               

              Edit - The underlined portions of the above quote were originally clickable links which went to "keylogger-dot-in", an Indian site rated Yellow by SiteAdvisor ("McAfee TrustedSource web reputation analysis found potential suspicious behavior on this site which may pose a security risk.") That site refers back to prodatadoctor-dot-com, so there is a relationship between them.

               

              Message was edited by: Hayton on 04/05/11 01:55:44 IST