15 replies to this topic

[Cristiano]

According to the latest version of McAfee SiteAdvisor, we are hosting viruses in our site, specifically, at apup.zip file. The issue is related to a false positive presented by McAfee and several other antivirus vendors for uz.exe. Uz.exe never was a virus, or a trojan, or a worm. That file was just a tool designed to extract zip files, nothing else. We managed to gain confirmation from F-Secure and from Kaspersky that our files was virus-free. But McAfee don't think that and 2 months AFTER we removed the file pointed by them they put us in the exact same level as a malicious site.

It seems there are good web sites, there are bad web sites and there are those that are just plain incompetent. In the incompetent category comes McAfee SiteAdvisor. Even McAfee's process for verifying a web site owner is broken.

Blaming others for false positives is easy, McAfee. We hope that you update your own software some day (like we did 2 months ago, to remove the file that you "think" was a virus) and remove that false positive that you set for us. It's very easy to test: just try checking our entire site again, just to be sure that your false positive isn't here anymore.

To anyone that wishes see McAfee false positive, it's in here

or, to illustrate:


Fool me once, shame on me. Fool me twice, shame on you, McAfee

[darthyoda6]

Or here for full details.

[James]

That's not just a personal rant by Cristiano in the first post. As a fellow AutoPatcher team member, I have checked the facts and support everything written.

The McAfee SiteAdvisor web-site really is a mess. Not only is the web-site so badly written that part of it doesn't work, the server is so badly configured that here in London, UK, either the McAfee server fails to respond at all, or the rest of the web-site fails to load properly and is effectively unavailable most of the day.

--

[Cristiano]

Quote

Dear valued user,

Thank you for your submission. Your involvement in our product is highly valued and helps us to better serve you.

If your message is regarding a customer service issue, or an issue with McAfee software that is not SiteAdvisor, please contact the McAfee support team. We want you to get the assistance you need as quickly and easily as possible.

To obtain McAfee support, please visit http://service.mcafee.com.

If you are using a McAfee consumer (home and home office) software product, you can call our Consumer Customer Service department at 1.866.622.3911 for assistance. If you are using a McAfee corporate product and you have a grant number, you can call our Corporate Customer Care department at 1.800.338.8754.

Sincerely,
The McAfee SiteAdvisor Team

now, wait 2 months or so to they answer and maybe update their software. the funny part: if the idea is protect someone from malicious sites, the software that advise you against it shouldn't be update every day? in 2 months or so, fake websites come and go. i really don't know if would be funny you access some McAfee green site (that you can trust) and then realize that the site was gone and replaced by some scam, making McAfee site advisor users think that is an trusted site. can your software really be trustefull, McAfee?

but the really fun part: as a former webmaster, it's really amazing see that a company like McAfee doesn't check his own website code and make a broken tool to "prove" that we own our website. the files that yours have requested are in place, McAfee, just your buggy tool can't find. but a hint: it may be more simple if yours fix your own code

[]s

[Vipin]

hmmm...Sound quite Scary man ...Have you people tried reporting these things to McAfee or are they just damn ignorant about it?

[James]

Yes this has been reported to McAfee, but they have not bothered to reply or, in fact, do anything at all.

--

[Upendran]

I have uninstantiated McAfee site advisor as soon as saw this thread.

[Cristiano]

it's a miracle. by some reason, McAfee has fixed the website owner verification process and i was able to add an comment about our site as site owner. i wrote this:

Quote

we do not host any sort of malware like pointed by McAfee. since the first false detection about uz.exe arrived, we updated our software in order to remove it. 2 months after it, McAfee site advisor started to point us like a bad site, for a file that isn't hosted by our site since months ago and until now, dec 24/2008, according to McAfee, we still have the exact same report from McAfee site advisor. for so long yours will fake this blame on us, McAfee? by the way: we have yours in our main page about this

so far, we have 3 months of a fake false-positive on our back. really impressive...

[]s

[James]

SiteAdvisor ratings may be 1 year out-of-date - so says an article by Mark Joseph Edwards published in the latest Windows Secrets newsletter (and available for reading here: http://windowssecrets.com/2009/02/12/01-SiteAdvisor-ratings-may-be-1-year-out-of-date.)

SiteAdvisor falsely accuses legitimate UK business of harbouring malware. Read it here: http://www.theregister.co.uk/2008/07/17/siteadvisor_false_alert/

The McAfee virus definitions used by SiteAdvisor have also rated Microsoft Windows Vista and Microsoft Office Live components as malware too.

Clearly SiteAdvisor is worse than useless!

--

[Cristiano]

> then i promote malware when i update vista release
no way. there's not any malware in autopatcher and if someone add one by his own will, this one will learn fast why we don't think twice when banning someone. basically, this all story is about "how make money selling false information" by mcafee and some others

[]s

[Cristiano]

it's a miracle. it toke half a year to McAfee finally realize that we don't host any virus in our website, at least with site advisor 2.9 build 2.9.258 updated at 22/03/2009 (ddmmyyyy)

thank you, McAfee. you are just half a year late, but at least yours have finally fix the issue. we just hope that yours never more do that again without any reason like your just did with us. and please, make an favor to yourselves an update your tests more often



[]s

[_def_x_]

James, on Feb 13 2009, 12:53 PM, said:

SiteAdvisor falsely accuses legitimate UK business of harbouring malware. Read it here: http://www.theregister.co.uk/2008/07/17/siteadvisor_false_alert/

This is why this is not a laughing matter, when McAfee is supposed to be in the business of offering security advice, which they are
and they make money doing it, and this said advice is followed because it is assumed McAfee is on top of their game, yet their utter
laziness possibly costs a business both money and reputation - not cool at all!

Mike

[Cristiano]

mike, that happen due that Fee from McFee. if you pay, they may or not review their statement about the site more often. that doesn't mean that they will change that, because they really don't review false positives too often. so, doesn't really matter if you pay a fee to them or not, they will do that only if they are really inspired. the sad part is that if you don't pay any fee to them, the site may take a year or more to be tested again. but the really, really sad part is that if an trusted site is hijacked and some malware site takes his place, site advisor will say that the site is clean, for something like 6 months, maybe more. and you may bet that an malware site will not pay any fee...

[]s

[kth6]

Well, i suggest not using the siteadvisor or use similar services from other companies. Symantec had this "Norton Safe Web" for checking of malicious sites (toolbar is free for 2009 product customers) and it's pretty accurate. You can request a re-evaluation of your site if it is having false positive and they will review promptly. Moreover, user rating counts in the rating though.


But i still don't recommend 100% believing in these "advisors" as there bound to be false positives.

[Cristiano]

do yours wanna know the news? i was investigating an website and i've found this:
"Quando testamos este site, encontramos links para autopatcher.com, que é um distribuidor de downloads que algumas pessoas consideram adware, spyware ou outros programas indesejados."
SAP: "when we tested this site, we found links to autopatcher.com, that is an download distributor that some people think as adaware, spyware or another unwanted software".

the really great news is that we don't have any power over that site and we can't do nothing about that site or, again, over the fake McAFee blame again. but the really, really great news is that if look into our own website classification, it will not point anything about it (and that is true), so, surely, we will still be blamed for an fake detection until McAFee realize that needs fix all those blames that they did to us once

and yours wanna see the funny thing? if yours test our site, yours will find this. in there, yours may read this:

Quote

autopatcher.com
Green Verdict Image

Testamos este site e não encontramos nenhum problema relevante.

SAP:

Quote

autopatcher.com
Green Verdict Image

we tested this site and we didn't found any relevant issue.

[]s