Software
McAfee LiveSafe/Total Protection
Installation
5.00 star(s)
Installation Feedback
McAfee's install experience is probably one of the best I've seen. The software is deployed with one click via a live installer (like most others).
The installer checks for hardware and software issues that might prevent you from running the software and it also removes all leftovers from McAfee products. It detects other AVs, but it's not mandatory that you uninstall those, though running multiple security software packages might result in system instability, performance degradation or even a freeze. Given that it is now much more difficult to boot in Safe Mode, it might be a good idea to remove what the installer suggests.
In parallel with performing all checks, the installer downloads the full package, so usually by the time it finishes checking, software is already half-way downloaded.
As with almost all other AVs browser extensions are added. Search engine and home page are not changed, but you should be very careful with a message saying "Your Search is insecure" or something of this sort. This will set Yahoo as your search engine.
Interface (UI)
4.00 star(s)
Interface Feedback
I have to admit that McAfee's UI was one of the biggest nuisance I've ever seen. The software used large windows, which provided minimum amount of information. For example, a large scanning window was used, but you could barely see the file currently in scan. Security History window was large, barely showing 3-4 entries.
However, McAfee has consolidated everything in one single window and everything is now much more content-centric.
It all feels modern and snappy and there is some consistency running through the whole experience. Everything is now organised in 3 categories and much more easy to find. The large carousel displaying information of a questionable usability is gone, replaced by much smaller "messages". However, these messages, instead of displaying tips or news, rather serve as "see how much we did for you" marketing tactic. This is the reason I've given the UI 4 stars instead f 5.
Usability
5.00 star(s)
Usability Feedback
Alerts are rather large windows attracting user's attention but by no means they are frequent or complicated. Overall, product seems to be friendly to novice users. Product rarely needs any interaction whatsoever, unless firewall has been set to ask for permission on new connections. Product is known for its low false positive levels.
Scans are not as fast as with other vendors, but the CPU usage has been limited, so you most probably won't feel their impact. You can run a scan and still perform other resource-heavy tasks. That way you won't notice how long they actually take. A first time quick scan might take 7-8 minutes, but sequential scan might complete in 2 minutes or so. This will last till the next update when the scan cache will be purged.

McAfee LiveSafe offers one of the best password managers I've seen - McAfee TrueKey. It also offers QuickClean and program update modules, which might be handy for novice users.
Performance and System Impact
5.00 star(s)
Performance and System Impact Feedback
McAfee's overall performance should be divided in 2 categories - impact and speed.
On a very low-end system, which I've installed it on, impact is almost minimal. RAM usage is ~100 megs, whilst CPU usage is 0% on idle and just 5-10% whilst launching apps, browsing the web and performing other day-to-day tasks. This might be due to McAfee scanning only on-execution and also being heavily-cloud based. There is no obvious impact even during a full-system scan.
Speed on a low-end system however is a different story. Alerts about detected threats take more than 10 seconds to appear, the interface is slow to launch, scans and other tasks are ridiculously slow. McAfee has seemingly optimised the software for lowest impact possible, which of course, reduces the software's overall speed.
I've tried ESET on the same system and it felt a bit more sluggish so it's fair to say McAfee is lighter..

On a high-end system, things change. McAfee's RAM usage goes up to about ~200 megs, whilst CPU and disk usage still remain low. Performance however, goes up, UI and alerts appear in an instant, whilst scans and other tasks complete much faster.
Boot time is not negatively affected by McAfee, as the product starts only the most necessary component during boot - the scanner and everything else gets loaded after the user logon. This is similar to the way Bitdefender has designed their product, with Bitdefender agent scheduled to start about a minute after everything else is loaded.
Protection
5.00 star(s)
Protection Feedback
Before we discuss McAfee protection, I suggest you have a look at this thread, which explains it in a bit more detail and outlines differences between home and corporate products.
https://malwaretips.com/threads/mcafee-livesafe-16-0-r28.104568/post-911135
Take a moment and scroll through the posts to learn more about McAfee protection.

The consumer products of McAfee have been designed for trouble-free computing. This means focus falls on performance, low system impact and low, almost no false positives, as the person behind the PC might not be knowledgeable enough to deal with issues. That's why McAfee has lowered the aggressiveness of the main AV component, whilst Download Advisor provides better protection, where needed - in the browser. This is the point of entry for most threats, so it makes sense having a tougher guard there.
The software still relies on Real Protect Static, which is a pre-execution scan, Real Protect Cloud, which is a post-execution scan, Credentials Harvesting Protection, working against tools such as Mimikatz. It also uses the GTI reputation system to blocks suspicious files and connections. All of these components have been pre-set by McAfee to be much milder and there is not much an advanced user can do to change that. Ransomware remediation feature is also available, as part of Real Protect journaling files and restoring them after an attack.
This all leads to a balance of security, performance and accuracy, but 0-day protection might suffer, no matter what independent tests say. However, the product is not designed for environments needing extreme security, so McAfee's configuration might be the best for vast majority of users.
I test the product on regular basis and most of the time it handles everything perfectly. There are minor cases where injectors get through and cause Real Protect to go mad, remediating threats again and again, until eventually the system ends clean. However, I am not downloading those from the web, so it's not a real-world scenario.

Remediation is probably the best I've seen, the product removes all traces of malware without causing system instability or affecting settings such as file extensions display. Upon executing a threat, an alert from Windows appears that file is not found. This is due to scanning only on execution, but unlike other antiviruses configured the same way, McAfee terminates the alert.

Phishing protection and malicious URL blocking is present in the form of Web Advisor. It's highly effective, though not as good as ESET, Malwarebytes Browser Guard or Bitdefender Traffic Light. It's not too hard to add either one of those as a browser extension and ESET is already behind Google's Safe Browsing Platform.

The product offers file encryption and anti-spam, which are not installed by default, user has to add them manually. For users in the US it offers Identity Scanning and worldwide users get free VPN. Both Identity scanning and VPN require you to be enrolled to the auto-renewal, but secondary bank account or virtual card can be used to avoid getting charged, whilst still using these benefits.

Highly-configurable firewall is still present and there is Intrusion Detection System that can be manually turned on - it comes off by default.
Real-time file system protection
5.00 star(s)
Internet Surf protection
5.00 star(s)
Proactive Intrusion protection
4.00 star(s)
Network protection
5.00 star(s)
Pros
  1. Lots of great features
  2. Low impact on system resources
  3. Easy to use
  4. Simple and non-intrusive
  5. Ransomware protection
  6. Accurate and reliable antivirus engine
  7. Effective malicious URL blocking
  8. Excellent scores in independent tests
  9. Effective malware removal
Cons
  1. Short on configuration options
Software installed on computer
More than 1 year
Computer hardware
Standard HDD, 4GB RAM, Pentium N3530 CPU @ 2.16 GhZ
Recommended for
  1. Inexperienced users
  2. Device is shared by family members
  3. Low specs device
Overall Rating
5.00 star(s)
Disclaimer
  1. Any views or opinions expressed are that of the member giving the information and may be subjective.
    This software may behave differently on your device.

    We encourage you to compare these opinions with others and take informed decisions on what security products to use.
    Before buying a product you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

McMcbrad

Level 10
The McAfee User Interface:

Screenshot 2020-11-08 134824.png


McAfee performance impact on idle:

Screenshot 2020-11-08 155741.png


McAfee performance impact during a scan:

Screenshot 2020-11-08 155955.png


An example of McAfee alert:

Screenshot 2020-11-08 160435.png
 

McMcbrad

Level 10
I am starting to feel that McAfee is starting to get a bit overlooked on here and I would like people to actually realise McAfee is a great company. It's also the biggest independent security company. So let's have a look who exactly McAfee are:
  • Founded in 1987, 33 years ago and employing almost 7K people. This can be seen on Wikipedia.
  • McAfee products run on more than 600 million endpoints
  • McAfee has established a partnership with pretty much all OEMs, many ISPs and even phone manufacturers, such as Samsung.
  • Trusted by 86% of World's largest banks, 61% of Global 2000 firms, 52% of Top 50 retailers, 78% of Fortune 500 firms and 86% of Fortune 100 companies.
  • McAfee holds over 2000 patents in the field of security. Both statements can be verified here: https://www.mcafee.com/enterprise/en-us/assets/fact-sheets/fs-mcafee-fact-sheet.pdf. McAfee patents can be found here and some of them are quite interesting: Patents Assigned to McAfee, Inc. - Justia Patents Search
  • McAfee generated 1.4 billion profit in the first half of 2020 amid financial crisis and Covid situation.This can be verified here: Cyber security firm McAfee raises $620 million in U.S. IPO
  • The McAfee Global Threat Intelligence network contains one petabyte of data:
  • McAfee is a company that does things the right way and also, the hardest way possible. Their home security products are updated frequently, run fairly light and stable and are known with a "balanced" approach. They've been created with the user needs in mind and shows the company's great understanding of both the security field and the threat landscape. Over the course of just a year, they've shown drastic improvements.
  • Unlike many companies that have stopped doing threat reports and writeups, the McAfee website is rich on security information and podcasts.
  • The corporate portfolio of McAfee is probably the most comprehensive of any other vendors.
  • McAfee takes software vulnerabilities seriously and is usually quick to patch any known security holes.
  • To this date McAfee has never been involved nor accused of any privacy violations, malware whitelisting or government cooperation.
  • McAfee was named 2020 Gartner Magic Quadrant leader. McAfee Named a Leader in 2020 Gartner Magic Quadrant for Cloud Access Security Brokers
I wish more people will notice the power of this company and the passion that they still (unlike others) put in their work.
 
Last edited:

Nagisa

Level 5
Verified
It looks like its signatures are not so good against scripts, or maybe it's only the case with McAfee ENS :unsure: ENS couldn't detected most of random powershell scripts that i downloaded from malwarebazaar. Even COMODO detected more. Though, Real Protect Client detected things post-execution(while the script is running) and there were bunch of AMSI detections etc. Enabling "Execution Policy Bypass in Powershell" option under Exploit Prevention also made it able to block samples.
 

McMcbrad

Level 10
It looks like its signatures are not so good against scripts, or maybe it's only the case with McAfee ENS :unsure: ENS couldn't detected most of random powershell scripts that i downloaded from malwarebazaar. Even COMODO detected more. Though, Real Protect Client detected things post-execution(while the script is running) and there were bunch of AMSI detections etc. Enabling "Execution Policy Bypass in Powershell" option under Exploit Prevention also made it able to block samples.
It’s important to understand who this software is aiming to protect. McAfee LiveSafe is designed with the home user in mind, and tho it is prone to a false negative, it probably doesn’t matter to most users. More important is performance and lack of false positives. The same approach can be seen by ESET. I personally don’t find it great, but we can’t say it’s wrong either. Your trouble-free computing is McAfee’s responsibility.

McAfee ENS, as you said, is designed for system admins. We can block key components that are not necessary for the normal user operation. Imagine a scenario where you need to protect a hotel chain. A hotel employee only needs few programs to work effectively. One of them would be a PMS, such as Opera by Oracle, which works in a browser level, others might be Microsoft Office apps. This allows us to enable and even write a vast multitude of rules, which block malware, without it being detected by any of the built-in methods. Closing and locking a door entirely is always a method, less prone to failure, rather than keeping the door open and trying to identify/stop only the bad guys. McAfee is then no longer responsible for any issues - it’s all on us.

On a larger scale, we’ll couple the ENS with EDR, which will give us great overview of what’s happening on every machine in the entire network. McAfee might not detect a threat/attack, but we, as sys admins will. We can then isolate a machine or remove the offending components with one click. Some organisations might use SaaS where their network will be under constant human analyses 24/7, even if they didn’t employ staff to do that.

All that is not available and not necessary to a home user. Programs, without the human factor can only do as much as you’ve mentioned...
 
Last edited:

McMcbrad

Level 10
Does McAfee Web Advisor change your default search engine? If so, which one?
You should be very careful with a prompt saying “Your searches are not secure”. This prompt gives you a feeling that it will add icons next to your search results or something of this sort, but it actually changes your engine to Yahoo!
If you untick the option, your search engine won’t be changed and you won’t see the prompt again.

BC9F0DAD-23A0-4410-8073-35CC2355747E.jpeg
 

Spawn

Administrator
Verified
Staff member
I strongly dislike these companies using the marketing term "Secure Search". As far as I'm aware, Bing (+DuckDuckGo) and Google are the most safe and secure search engines. Google provides accurate results (sometimes biased), Bing comes second (DDG uses Bing+Other sources).

Yahoo, Ask Jeeves and others are all crap engines and probably not filtered.
 

McMcbrad

Level 10
I strongly dislike these companies using the marketing term "Secure Search". As far as I'm aware, Bing (+DuckDuckGo) and Google are the most safe and secure search engines. Google provides accurate results (sometimes biased), Bing comes second (DDG uses Bing+Other sources).
I share your feelings here. The “Secure Search” relies on the same blacklist that can and will be used when you search on Google or open a link. There is no need to change someone’s search engine and it’s just a cheap marketing tactic that then brings a penny or 2 per search.
I like programmes that block malicious domains for all software connected to the internet, even without an extension.
 

McMcbrad

Level 10
Their stand-alone browser extension has always done these two things. Safe Search only works with Yahoo IIRC.
By default the search indicators, if that’s what you are referring to, mysteriously are turned off. You can turn them on in settings.
The feature that changes your search engine is independent and you can avoid it, by unticking it in this prompt.
I don’t like any secure browsers, secure search engines or anything else that changes user habits. Security is supposed to adapt and work for you, not the other way around.

Norton is even worse, they put all these extensions and until you remove them, your settings are locked, similar to a browser hijacker.
 
Last edited:

McMcbrad

Level 10
I came across this post with @Sirf and @struppigel
A request for help with malware removal.



I know I am not allowed to post there so I would like to comment on that here.

The file can't be removed by McAfee, because it is in an archive and there are other clean files. This is a known McAfee behaviour.
What's listed as network intrusions is normal firewall behaviour, discarding packets. Some of these packets come from other devices on the network, whilst others come from this person's broadband provider. The McAfee firewall is very aggressive, specially when set to "Public" profile, as it blocks the Windows network discovery, amongst others. In Stealth Mode, it blocks all traffics on non-system ports.

The only issue is the vvoa extension, which indicates DjVu ransomware, but in the same time McAfee has read it, which means it's not encrypted. Even after removing the infection, assuming there is such which I doubt, the firewall behaviour won't change and not understanding it correctly will cause panic.

This is from a perfectly clean PC:
Screenshot 2020-11-18 013356.png


Hopefully this can be helpful to other users.
 
Last edited:
Top