• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
Sign in to follow this  
Followers 0
epsilon

McAfee flags up AAW free download as malware

17 posts in this topic

New to this forum so hello to all.

Just tried to run a scan of AAW free but received a message indicating that a new version of software was available. Attempted to download the new software from CNet but as soon as it started, my McAfee software stepped in to block it suggesting that the AAW download contained malware. ;)

Likely to be a false positive I know but, once you see that message (which has hardly ever happened to me before), there is always that slight doubt that maybe something nasty has got into the download. I don't like ignoring warnings. Such things are not unknown, after all.

For the time being I abandoned the download of the new software pending resolution of the issue. If there really is a problem with the download, it needs, of course, to be cleaned up. Otherwise, perhaps Lavasoft need to talk to McAfee to get the false positive removed. In the meantime, just thought I'd post it here to alert Users (and Lavasoft - presumably they read this forum) of the problem.

e.

Share this post


Link to post
Share on other sites
Thanks for the info. McAfee detected Ad-Aware back in April, May 2010 but it was the processwatch.exe file. Lavasoft contacted McAfee, but it helps for users to report it to McAfee also:

[url="http://www.lavasoftsupport.com/index.php?showtopic=29132&view=findpost&p=119131"]http://www.lavasoftsupport.com/index.php?s...st&p=119131[/url]

One user got a reply from McAfee - they advised uninstalling Lavasoft Ad-Aware instead of fixing their definitions ;)

I've updated Lavasoft to let them know Ad-Aware's installer is now detected:

[url="http://www.lavasoftsupport.com/index.php?showtopic=29135&view=findpost&p=120943"]http://www.lavasoftsupport.com/index.php?s...st&p=120943[/url]

Share this post


Link to post
Share on other sites
[quote name='visitor' post='120944' date='Jul 10 2010, 12:22 PM']One user got a reply from McAfee - they advised uninstalling Lavasoft Ad-Aware instead of fixing their definitions ;)[/quote]

No surprise I suppose. Ad-Aware is, after all, competition as far as McAfee are concerned. Disappointing nontheless.

Was the issue with processwatch.exe resolved or can I expect to hit that one later?

e.

Share this post


Link to post
Share on other sites
Hi be glad that your mcaffie stoped the down load as avg did not and i got well and truly shafted the download when run was in azabijanie and released at least 10 trojans to the extent i had to reinstall xp

Share this post


Link to post
Share on other sites
[quote name='heriss' post='120961' date='Jul 10 2010, 08:30 PM']Hi be glad that your mcaffie stoped the down load as avg did not and i got well and truly shafted the download when run was in azabijanie and released at least 10 trojans to the extent i had to reinstall xp[/quote]

Ouch! ;)

Thanks for the warning heriss. I'll certainly continue holding off from updating until this one is cleared up.

e.

Share this post


Link to post
Share on other sites
[quote name='epsilon' post='120955' date='Jul 10 2010, 08:56 AM']No surprise I suppose. Ad-Aware is, after all, competition as far as McAfee are concerned.[/quote]
Competitors, but kinda dirty. I think some security companies actually share info on malware signatures and stuff, and compete more on the software development of features and ease of use. If it wasn't evil to not address false positives, everyone would be adding the competition to their detection databases, LOL.

[quote name='epsilon' post='120955' date='Jul 10 2010, 08:56 AM']Was the issue with processwatch.exe resolved or can I expect to hit that one later?[/quote]
As far as I know, it was fixed. There weren't any posts about it later.

[quote name='epsilon' post='120963' date='Jul 10 2010, 05:07 PM']Ouch! ;)
Thanks for the warning heriss. I'll certainly continue holding off from updating until this one is cleared up.[/quote]
If you want to subscribe/follow, here's the other post about the alleged malicious Ad-Aware trojans:

[url="http://www.lavasoftsupport.com/index.php?showtopic=29587"]http://www.lavasoftsupport.com/index.php?showtopic=29587[/url]

Share this post


Link to post
Share on other sites
[quote name='visitor' post='120983' date='Jul 11 2010, 07:02 AM']Competitors, but kinda dirty. I think some security companies actually share info on malware signatures and stuff, and compete more on the software development of features and ease of use. If it wasn't evil to not address false positives, everyone would be adding the competition to their detection databases, LOL.
As far as I know, it was fixed. There weren't any posts about it later.
If you want to subscribe/follow, here's the other post about the alleged malicious Ad-Aware trojans:

[url="http://www.lavasoftsupport.com/index.php?showtopic=29587"]http://www.lavasoftsupport.com/index.php?showtopic=29587[/url][/quote]


Interesting that I got Ad-aware flagged when I tried to download using Firefox but not when using IE8

Share this post


Link to post
Share on other sites
[quote name='geosin' post='121144' date='Jul 14 2010, 06:59 PM']Interesting that I got Ad-aware flagged when I tried to download using Firefox but not when using IE8[/quote]

[i]Very [/i]interesting. I too was using Firefox. Didn't think of trying IE.

Now I wonder why that would be. :angry:

Should I conclude that you did, in the end, install without any further incidents and all is well?

e.

Share this post


Link to post
Share on other sites
[quote name='epsilon' post='121149' date='Jul 14 2010, 02:53 PM'][i]Very [/i]interesting. I too was using Firefox. Didn't think of trying IE.

Now I wonder why that would be. :angry:

Should I conclude that you did, in the end, install without any further incidents and all is well?

e.[/quote]


Yes, installed with no problems and all seems OK. Ad-aware scan ran right after installation

Share this post


Link to post
Share on other sites
For what it's worth: about an hour ago, using Firefox 3.6.6, I downloaded A-A 8.3.0 (+ def's 0150.0013) from CNET & installed it; McAfee cited "possible malware", which I told it to ignore, and everything was fine from then on (including a test scan, which found a couple of tracking cookies, which ATT/Yahoo always delivers to me). Edited by WDF1

Share this post


Link to post
Share on other sites
Did Mcafee flag with it's heuristics or it's signatures?

Share this post


Link to post
Share on other sites
[quote name='Computer wizard' post='121204' date='Jul 16 2010, 04:21 AM']Did Mcafee flag with it's heuristics or it's signatures?[/quote]
In my case, it can only have been signature based, as it was right at the start of the download in Firefox. At that stage, there wouldn't have been any activity for heuristics to trap. The actual message was shown as coming from McAfee Site Advisor. If I recall correctly, the wording was very brief but seemed to suggest that the Lavasoft site had been pre-scanned (as I believe Site Advisor does) and that the download had already been identified as questionable before I tried to download it. It offered no option for further details but simply 'allow' or 'block'.

Thanks for the reassurance, geosin and WDF1. Makes me think I should probably go ahead in spite of McAfee's warnings.

e.

Share this post


Link to post
Share on other sites
[quote name='WDF1' post='121203' date='Jul 15 2010, 05:14 PM']For what it's worth: about an hour ago, using Firefox 3.6.6, I downloaded A-A 8.3.0 (+ def's 0150.0013) from CNET & installed it; McAfee cited "possible malware", which I told it to ignore, and everything was fine from then on (including a test scan, which found a couple of tracking cookies, which ATT/Yahoo always delivers to me).[/quote]
Afterthought: For completeness, I should have mentioned that, during A-A installation, I UNchecked the box to restart my computer in order to activate Ad-Watch Live, so as to avoid interaction problems with McAfee's similar function.

Share this post


Link to post
Share on other sites
[quote name='WDF1' post='121245' date='Jul 17 2010, 03:02 PM']Afterthought: For completeness, I should have mentioned that, during A-A installation, I UNchecked the box to restart my computer in order to activate Ad-Watch Live, so as to avoid interaction problems with McAfee's similar function.[/quote]

Did Ad-watch activate on the next system start-up? did you also try to temporarily disable mcafee? as both security suites have a real time protection mcafee would have recognized the behavior and making the assumption it was a rogue attack so turning off mcafee and turning it back on after ad-aware had completed it final steps would have worked ( in theory lol ). keep in mind if you have mcafee ad-watch really doesn't need to be active but its good to know its all in working order. It's good to know you got it sorted though well done :)

Cheers

Computer Wizard

Share this post


Link to post
Share on other sites
[quote name='epsilon' post='120921' date='Jul 9 2010, 11:09 PM']Just tried to run a scan of AAW free but received a message indicating that a new version of software was available. Attempted to download the new software from CNet but as soon as it started, my McAfee software stepped in to block it suggesting that the AAW download contained malware. :)[/quote]

This was not a false positive, just a false definition. The 2010 version of Ad-Aware now has pop-up ads embedded into the installation, which is the exact definition of adware. McAfee was justified in blocking it, they just incorrectly categorized it as malware instead of adware. Though I don't like McAfee myself, they were protecting you from a program that now has pop-ups, so I would listen to McAfee and stay away from this version of Ad-Aware.

Share this post


Link to post
Share on other sites
i have too disagree with that reason of blocking Ad-aware for being categorized as adware.

1. McAfee as far as I've seen is the only AV company that flaged Adaware for any particular reason.

2. If it was adware Mcafee wouldn't be the only one flagging Ad-aware and then LS would be in trouble for distributing there product

3. as like LS adaware, mcafee uses signatures, which aren't very reliable and accurate.

Share this post


Link to post
Share on other sites
[quote name='Computer wizard' post='121246' date='Jul 16 2010, 09:44 PM']Did Ad-watch activate on the next system start-up? did you also try to temporarily disable mcafee? as both security suites have a real time protection mcafee would have recognized the behavior and making the assumption it was a rogue attack so turning off mcafee and turning it back on after ad-aware had completed it final steps would have worked ( in theory lol ). keep in mind if you have mcafee ad-watch really doesn't need to be active but its good to know its all in working order. It's good to know you got it sorted though well done :)

Cheers

Computer Wizard[/quote]

Days later, after one of those multi-item bug-fix updates from Microsoft, I had to restart, but Ad-Watch retained its "off" setting. At no time did I try to temporarily disable McAfee (but I would have if Ad-Watch had activated, thus causing the scenario you described).

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0