Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Sunday, October 10, 2010

McAfee Continues to Harm WinPatrol Users

In the security industry it’s especially nice that many companies get along and often help each other. WinPatrol may not be considered competition but I still have great relationships with folks at SunBelt Software(now part of GFI Software), MalwareBytes, Kaspersky, ESET, Microsoft and even Symantec. One company who apparently has no interest in working together is McAfee now owned by Intel.

Two weeks ago McAfee changed one of their signature files and it started to tell all their customers our WinPatrol setup programs was a dangerous Trojan named Artemis!4FAE1D776481.  A week ago I finally found the correct procedure to submit my file and report their “false-positive” error. I was told by an automated Email that their test was inconclusive and the file was being sent to Bangalore India for more research.

October 4th   McAfee Labs – Beaverton
Current Scan Engine: Version:5400.1158                                                 
Current DAT Version:6120.0000                                                         
Upon analysis the file submitted does not appear to contain one of the 200,000 known threats in the AutoImmune database. The file may contain a new threat, or no code capable of being infected.

October 6th McAfee Labs Sample Analysis
Issue Number:  6239937   Virus Researcher: Vivekanandan C
McAfee Labs, McAfee Labs, Bangalore, India

Synopsis - File Name - wpsetup.exe

We are forwarding the inconclusive samples to our Senior Research Engineers for further review.  We will get back to you once the researcher has completed the evaluation.                                                         

It’s not unusual for Anti-Virus companies to report “false positives”. This has happen a few times in the past but other companies had quick responses and were anxious to fix their errors. The same is not true with McAfee which is now owned by Intel.

This mistake by McAfee came at a time when a brand new version of WinPatrol was released and widely promoted. I can’t begin to imagine how many customers I’ve lost because McAfee wouldn’t allow them to install WinPatrol. I’m sad to say many believed McAfee and will never trust WinPatrol. This is a great insult to their users and the entire WinPatrol community. Even now hundreds of copies of the falsely identified versions are still available on websites like CNET’s Download.com.

mcafeereview
Recent Reviews on CNET Download.com

The reviews above prove how McAfee has damaged WinPatrol and it’s reputation. Even the folks who know that McAfee is wrong, have been giving us low ratings on CNET hurting our review status. Click here to post your own review.

cneteditors 
Thankfully CNET editors don’t use McAfee

 

Instead of waiting for McAfee and losing more customers I have re-created our setup program by purchasing a new install package called Tarma InstallMate 7.  McAfee does not report a false problem with this new setup. If you’re still a McAfee user or you have a copy of wpsetup.exe on your website, you can download this new file from http://www.winpatrol.com/download.html. If you have already successfully installed WinPatrol 19, the Cloud Edition, no action is required. All the installed files are the same as our previous setup.

UPDATE 10-10-2010
It’s always nice to have friends like Steven Burn who manages the website www.it-mate.co.uk.  Steve was helpful in getting a response from McAfee.

Just checked our database. That particular file was whitelisted today, Oct 10 2010 (Sunday, BTW :)) , by a McAfee researcher in Bangalore, India. So, the detection should go away soon as the "news" spread through the cloud
(Artemis is our "in the cloud" detection technology).
Dmitry Gryaznov

I have confirmed using VirusTotal that we test clean. Dmitry and a few other corrected me when I said McAfee was owned by Intel. This transaction has not been completed so Intel is not currently involved with any operations at McAfee.

Share on Facebook


24 Comments:

Anonymous ky331 said...

"McAfee which is now owned by Intel...."

To be precise (and fully legal), Intel does not yet "own" McAfee. Rather, Intel has "entered into a definitive agreement to acquire McAfee"... and while all parties will concede it's likely to be consumated, such agreement can only proceed pending "McAfee shareholder approval, regulatory clearances and other customary conditions specified in the agreement". In other words, at present, McAfee is still an independent company, trading on the NY Stock Exchange under ticker MFE.

None of this is meant to excuse what McAfee has done (is doing) to WinPatrol... only to legally separate Intel from the current confrontation.

8:59 AM  
Blogger Darl said...

I didn't know anyone still used McAfee. Since the 80's I have told everyone I knew that had to get rid of it.

1:22 PM  
Anonymous Smokey said...

Hello Bill,

I have requested McAfee for elucidation, let's see what their answer (IF they answer at all..) will be.

Best regards,

Dave

2:08 PM  
Anonymous Anonymous said...

Back when i first started using computers and didn't know what i do now my system ended up with something like over 50 viruses on my computer that had McAfee on it which were mostly fps and from that day i stopped using it. I don't know and quite frankly don't really care if McAfee has gotten better at detection i will never install that junk on any computer i own ever again.

2:22 PM  
Anonymous Anonymous said...

Thanks in part to your unfortunate experience with McAfee, I have installed Microsoft Security Essentials and am dropping my subscription to McAfee.

3:05 PM  
Blogger Joan said...

I was just able to dowload v19 from the winpatrol site, but CNET still has the version that McAfee sees as a trojan. I don't understand why anyone would downgrade WinPatrol because of an error on the part of McAfee. And for those who say, use MS Security Essentials, I tried that on a community computer and got a virus within a month.

7:51 PM  
Anonymous Celeste said...

Bill it is so sad to hear of this happening to WinPatrol. The damage has been done. Hopefully everyone who participates in security interests will point out this error to their users.

McAfee is certainly not professional in their business practices. They should be more accessible to the other software developers.

8:31 PM  
Anonymous Anonymous said...

McAfee is always right. If it says winport is dangerous, it's dangerous end of discussion.

12:39 AM  
Anonymous DaveN said...

I tried McAfee once; a bad experinece. I uninstalled it and putting the cost down to experience. I advice to anyone with a PC is to install WinPatrol and uninstall McAfee.

3:16 AM  
Anonymous c.schaar said...

I used McAfee many years ago but quit when it repeatedly trashed itself during its update process. At that time I also recommended switching to something more computer-friendly. I've never regretted my decision to change. Perhaps this will encourage any of your loyal fans still using it to stop as well. Shame that it has damaged WinPatrol's reputation, but I'm sure those in the know will return!

3:53 AM  
Anonymous Red said...

My advise when releasing future versions of the software is to submit it to virustotal.com. Files get scanned using 42+ AV companies and you may avoid a false positive scenario in the future. Of course, the detection could be added after the fact, but there are also procedures to submit your files to AV companies to be checked and whitelisted before being made public.

The basic process for most AV vendors is trust no code until proven clean. And in my experience it's better to have the code white listed before release than releasing and hoping for the best, especially there are many rogue software out there claiming to be AVs (not implying yours is one of them).

Typical updates are 1 per day, so even if MFE removed the detection on the first day, it will still take 24 hours before the detections disappear.

My 2 cents.

9:08 AM  
Blogger Unknown said...

Great advice Red. I am a big fan of VirusTotal.com and it has been instrumental in my daily research.
I will absolutely be submitting any new files to VirusTotal when it comes to launch time.

9:46 AM  
Anonymous Anonymous said...

McAfee... again?!

1:37 PM  
Blogger Tilman Hausherr said...

I am the author of Xenu's Link Sleuth and have had the same problem with McAfee for months. Mails to the official artemis address didn't help. I found a new contact form yesterday and today McAfee told me that false Artemis detection has been removed. I'm now waiting for virustotal to confirm the whitelisting.

2:27 PM  
Blogger Unknown said...

Enough jabs at McAfee, warranted as they my be, the truth to this matter is that WinPatrol is an essential tool that I can no longer live without (not to mention it's free...)!

As a long-time IT specialist who has helped many companies and individuals with computer-related issues, WinPatrol has easily become the first utility (free or otherwise) that I load onto every computer I build, sell and/or reformat.

Furthermore, for many years I took pride in being able to get by with using only free software (including WinPatrol) - but now that I understand how much actual work is required for any successful endeavor, I now take more pride in sending money toward the best of these so-called "free" programs - especially the ones I cannot live without!

1:30 PM  
Anonymous Anonymous said...

anyone still using that ... ? we still waste time with McAfee..? I ditched them when I was young - for not allowing to uninstall and then blocking all ports so that I had to reformat the HD - and will not touch them ever,even if they were the last ones on the planet.

7:37 AM  
Anonymous Anonymous said...

When I last used McAfee poducts many years ago it was bloated crap that seriously affected computer performance.

In otherwords the exact opposite of WinPatrol.

False positives occur. I once had AVG flag half my files as viruses. But McAfee should do the responsible thing and send an email to its users informing them of the issue since thier error affected the reputation of a commercial product.

7:40 PM  
Anonymous Anonymous said...

While I agree that this sort of thing damages WinPatrol, I would also argue that it damages Mcafee just as much.

People get to heard of these things and dont like what they hear, so consider switching to a more friendly outfit.

Pr is all important.

10:57 AM  
Blogger Unknown said...

When installing the new version 19 with the new installer, I get a block from PCTools Threatfire. While I trust winpatrol enough to install anyhow, it might be a good idea for Bill to look into this, too.

8:16 AM  
Anonymous Tracey said...

Half my downloads are flagged as possible malware by mcafee, most updates from places like itunes. How can such a famous company be so ropey? It's very confusing for a non techie.

4:47 PM  
Blogger Bob said...

I, too, use WinPatrol, paid subscription and absolutely would be unwilling to be without it. However, too many comments here are much too extreme, too emotional. McAfee is an excellent product and works well. Conflicts are always possible and require pretesting on the part of all as Bill has learned. Bad mouthing serves no good purpose, especially when there are so many malicious threats on the net.

11:34 PM  
Blogger Jim said...

I've been using WinPatrol for more than ten years. Back in the day, I did use McAfee for a short time only, because non-detection issues were constant. I switched to TrendMicro until it became clunky and a resource hog. For years I've be using Avira and recently added Malwarebyte's Antivirus too. They work together very well on Windows 7 Ultimate and without any conflicts or false positives. Never, in more than ten years, has WinPatrol ever been identified as an application that harbors an executable maleware or virus code. What are these guys at McAfee up to?

11:50 PM  
Anonymous Anonymous said...

My ISP provides anti-virus with it's service without charge.They used to use F-Secure,but have dumped them for Mcafee.I had Mcafee years ago,and they left a bad taste in my mouth.They wouldn't refund the unused portion of a multi-year subscription I took out and tried to cancel when I decided to go with my ISP's anti-virus service.

11:26 PM  
Blogger Neil Anthony said...

I hate McAfee and will never have that piece of crap on my PC. It's not worth the code that its written on and as far as trusting it goes...everyone who knows about real security, knows that is shoddy and ineffective.

I hate McAfee and as a company they are guilty of corporate vandalism.

I remember a program that I used to own called 'Neo Trace'. It was a fantastic program, that is, until Mcafee got hold of it. They brought it and closed it down, rather than let people continue to use the program and/or continue to buy it...I was outraged and horrified that this shitty company did this.

If I was you Bill, I would sue their asses off for loss of Business or anything you can get them on like deformation of character or slander if that is possible. I would at least be talking to my lawyers.

6:07 AM  

Post a Comment

<< Home