-
August 31st, 2006, 04:36 PM
#1
McAfee SiteAdvisor red flags AO
sigh. Another testiment to ignorance.
Nevermind the disclaimer that AO issues:
! ! PLEASE BE AWARE that some download files may include harmful or malicious code. Before downloading any files from AntiOnline, please verify all sources and make sure that you have adequate protections in place. By downloading any of these files, you agree to release us and to assume full responsibility for any damage which may be caused to your computer system, databases, files or other hardware or software, and understand that these files have not been checked, reviewed, approved or in any way endorsed by us. If you have any concern, then do not download.
So what does McAfee SiteAdvisor do? red flags AO. Full details here and expanded details here
The object of war is not to die for your country but to make the other bastard die for his - George Patton
-
August 31st, 2006, 04:55 PM
#2
Interesting. One of downloads is from a tutorial thread on how to own a system (hence wouldn't necessarily have that warning and the other is from a SpyBlocker program which was probably submitted as legit.
McAfee's program seems rather automated so kinda take it with a grain of salt. I imagine if you put PacketStorm or Astalavista through it, it'd throw red flags up the wazoo!
-
August 31st, 2006, 06:02 PM
#3
yes..... i beat somebody to it. posted it in the morning.
dr ozzy says
Great security resorce, with a nice community. There cms is not secure though, dispite it being private; some parts of it are vunrable to the most simple xss vunrabilitys.
didnt understand what he's talking about.
you are entering the vicinity of an area adjecent to the location.
-
August 31st, 2006, 07:14 PM
#4
Funny?
Antivirus Version Update Result
AntiVir 6.35.1.11 08.31.2006 no virus found
Authentium 4.93.8 08.31.2006 no virus found
Avast 4.7.844.0 08.31.2006 no virus found
AVG 386 08.31.2006 no virus found
BitDefender 7.2 08.31.2006 no virus found
CAT-QuickHeal 8.00 08.31.2006 no virus found
ClamAV devel-20060426 08.31.2006 no virus found
DrWeb 4.33 08.31.2006 no virus found
eTrust-InoculateIT 23.72.111 08.31.2006 no virus found
eTrust-Vet 30.3.3052 08.31.2006 no virus found
Ewido 4.0 08.31.2006 no virus found
Fortinet 2.77.0.0 08.31.2006 no virus found
F-Prot 3.16f 08.31.2006 no virus found
F-Prot4 4.2.1.29 08.31.2006 no virus found
Ikarus 0.2.65.0 08.31.2006 no virus found
Kaspersky 4.0.2.24 08.31.2006 no virus found
McAfee 4842 08.31.2006 no virus found
Microsoft 1.1560 08.31.2006 no virus found
NOD32v2 1.1734 08.31.2006 no virus found
Norman 5.90.23 08.31.2006 no virus found
Panda 9.0.0.4 08.31.2006 no virus found
Sophos 4.09.0 08.31.2006 no virus found
Symantec 8.0 08.31.2006 no virus found
TheHacker 5.9.8.202 08.31.2006 no virus found
UNA 1.83 08.31.2006 no virus found
VBA32 3.11.1 08.30.2006 no virus found
VirusBuster 4.3.7:9 08.31.2006 no virus found
I just ran the spyblocker program through Virus Total, and nothing including today's McAfee found a virus
-
August 31st, 2006, 07:34 PM
#5
i remember the flag used to be green.
maybe it a plot by microsoft and mcafee. people might try to stay away.
you are entering the vicinity of an area adjecent to the location.
-
August 31st, 2006, 07:50 PM
#6
Why in the world would Microsoft and McAfee want people to stay away. Sites like these help Windows users keep their systems secure and give McAfee customers...
Cheers,
cgkanchi
-
September 1st, 2006, 05:10 AM
#7
some public relations exercise required
this ones for the admin and site owners. a red warning may keep some visitors away. someone should contact McAfee and clarify.
Another thing i found, when i add ao to it's do not warn list...nothing happens. it's still red. even after i reloaded the browser.
surely we don't need an unwanted watchdog for ao.
-
September 1st, 2006, 07:42 PM
#8
Re: some public relations exercise required
Originally posted here by chizra
this ones for the admin and site owners. a red warning may keep some visitors away. someone should contact McAfee and clarify.
Another thing i found, when i add ao to it's do not warn list...nothing happens. it's still red. even after i reloaded the browser.
surely we don't need an unwanted watchdog for ao.
It is only a watchdog if you use the software. That site says exactly what it does and nowhere in those descriptions does it say that either one of them is a virus. It tells you what changes are made. I would say the problem is with spyblocker pro. For some reason there is something in there that is making McAfee think it is a trojan. But when you look at what it is doing you can see it really isn't. As for the other one. It was just the way the user created the perl script. It hit on another signature that makes it think it is a virus.
If you don't like what siteadvisor is doing.. Don't use it.
SBpro trojan is a false positive- http://www.spyblocker-software.com/m...showtopic=8327
-
September 1st, 2006, 07:49 PM
#9
precisely...thats what i wished was communicated..not here the posts, but to the software co.
i also mentioned there is do not block site problem...
neways..im outta here!
-
September 2nd, 2006, 11:36 AM
#10
mohaughn
For some reason there is something in there that is making McAfee think it is a trojan.
I guess that the heuristics scan spots the routine that shuts the application down for updates or whatever.
I ran it through Virus Total and Jotti, and everything came up clean. Somehow it has been resolved, but I wonder how good SiteAdvisor is at updating itself?
It seems to me that the product needs more thought and more work. After all, what do you expect to find on a security site .................. recipes for chili con carne?
As a "general rule of thumb" I guess the product is doing a fair job. Looking from the outside I would say that it needs some sort of "whitelist" facility so as not to identify legitimate security sites with skiddie sites?
I know that I am a pedantic old fart but I do get rather irritated by applications that see everything in "black & white". For example I have those that identify John the Ripper and Cain & Abel as malware................... more sophisticated applications merely flag them as "suspicious" and tell you that if you installed them: fine, if you didn't then you have a problem
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|