WinPatrol blames McAfee for lost business Security software firm WinPatrol has criticised McAfee for a tardy response to a false positive problem that it claims might have lost it business. McAfee wrongly identified the set-up program of a new version of WinPatrol's system monitoring software as malign from around 2 October. WinPatrol complained but McAfee said its …
Maybe his company should be running their install packages through a gauntlet of popular virus scanners prior to release. This would be good practice anyway, and fairly cheap for even a small company as long as it actually makes money.
Or he could just moan and stamp his feet on his blog...
no one should run this McCrappy at all...we all would be so much happier and our computers would be...well ours and we would be able to use our computers.
Yes I had to deal with them, after almost a month of trying to convince them our software does not do harm, I start recommending AVG (it only took them 6 hours from the time we reported to them about them deleting [and in the end making the computer not usable] one of our DLL files).
At that time McCrap lost about 1500 people.
I never post here AC.
"What, precisely, does Microsoft have to do with this?"
Please note that I didn't say "Microsoft is to blame", rather I was pointing out that the Microsoft-centric software world has serious issues from the perspective of RealWorld[tm] security.
"Oh, and you forgot the Linux penguin"
Where, exactly, did I mention Linux? There are many secure OSes available that are neither from Redmond, nor the Linux camp. Besides, Icons are for AOLers.
"it's required on arrogant non-sequitur posts attacking Microsoft."
Project much?
So, how about if the next update of WinPatrol identifies McAfee software as malware? If WinPatrol follows it's internal procedures correctly and ships it off to it's labs in Outer Mongolia for confirmation testing, McAfee can't really complain. (I'm not suggesting that WinParol would ever do this, but it's what I'd do.)
Besides which, the cynic in me sits up and takes notice when software claims that rival software is a problem.
The same thing happened to our company, McAfee flagged our application as a virus and it took hours of phone calls to get them patch their set of rules for the next day's update. I found the lower level customer service reps at McAfee to be remarkably unwilling to help expedite the problem. I'm amazed that it took them a week to remedy the mistake that they made with WinPatrol.
If you are building your own software using an industry standard compiler and installer authoring tool, then you shouldn't have to preemptively run your own application through the gauntlet of online AV checks. And if WinPatrol's situation, it did pass the online tests. The problem was unique to McAfee's scanning engine.
Testing your software against a plethora of AV applications is a silly thing to do, especially as a lot of "false-positives" come about months, if not years, after the software has already been available. So pre-scanning in virtually all cases would be completely useless.
Thank for your support John and everyone else who has commented.
The first post isn't a bad idea. I will be checking with VirusTotal in any future launches.
The subject matter is more important but for the record my name is "Pytlovany" with a "y" on the end. I know it probably looked funny but that's really my name. :)
Thanks again,
Bill Pytlovany
BillP Studios
Perhaps AV scanners should take steps to prevent their signature files from being marked by other vendors, as such is noted as a "common" problem. How, you ask? Simple. Encrypt them. Even an off-by-one cypher should sufficiently scramble any signatures to be unrecognizable by any AV software. It would only be "decrypted" when used to scan, and only partially at that since no partial match means no full match either... Just a thought.
1) AV scanners have been encrypting their malware detection databases for the past, oh, 25 years.
2) WinPatrol is not a scanner; it's a behavior blocker.
3) The "artemis" part of the report from McAfee's scanner suggests that the file was detected by their Artemis in-the-cloud scanning engine. That engine doesn't use "signatures" (i.e., scan strings). It uses cryptographic hashes of the whole file. Therefore, WinPatrol's installation package was not reported because McAfee's scanner mistook it for some other (malicious) file - it was reported because somebody at McAfee has added (erroneously) this particular (WinPatrol) file as a malicious file to detect - probably because they didn't analyze it carefully enough.
Intel's decision to buy a tatty AV product with a terminally tarnished brand name was pretty weird before and is even more inexplicable now. Though it might be contended that anyone daft enough to actually use and pay for McAFuckup is never going to be bright enough to understand how wunnerful Bill's little app truly is, nevertheless there's no excuse for the witless inertia of McAFuckup when it came to addressing the reputational damage inflicted on WinPatrol.
I know Bill's not the sort of person who flies readily into litigation but out there in the US where the money tree can be shaken by merely walking into it, there's surely a good chance of $100,000,000 damages for this in view of Intel's bottomless pockets.
Go on, Bill. Give 'em the big Woof!
PS: Loved this bit in Dan Olds' El Reg report (August 20th) about Intel's aqcuisition of McAFuckup:
"I don’t see any reason why Intel would do anything to change how McAfee is currently doing business. According to both Intel and McAfee, it’s going to be business as usual for McAfee."
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
