Good site blocked by McAfe Antivirus. True?

[Geek-9pm]

I got a call from a relative to tell me that MalwareBytes.org, a good site. was  blocked by McAfe Anti virus. That just can not ber true, -Right?

[computeruler]

I dont see anything wrong with it. Unless macafee doesnt want anyone to buy anything other then them    Or mabye it was a fake site or something. Mabye theyve been hacked or soemthing.  All of whcih I doubt

[evilfantasy]

There was an issue a while back with McAfee blocking the Malwarebytes.exe but it was srraightened out with a McAfee update. Is there AV up-to-date?

If so it could be an infection trying to re-direct them away from the Malwarebytes web site and not blocking the actual URL.

[Geek-9pm]

He got the McAfe on sale at Cost-Co and now we know why it was on sale!
MalwareBytes is a respected ORG, so why would anyone in his right mind try to block it?  That was very bad PR. Could you imagine Microsoft putting a block on the Apple site? Hard to believe!

[BC_Programmer]

This highlights one of the main reasons I myself don't use any AV solution. Blacklists simply don't work.

http://www.codinghorror.com/blog/archives/001009.html

[evilfantasy]

I don't think it's a blacklist issue.

Nice article but I think he is a little off on a few points:

Ask yourself this: why don't Mac users run anti-virus software? Why don't UNIX users run anti-virus software? Because they don't need to.

It's because malware writers haven't put any effort into attacking a Mac. Too much work with no reward. But Mac viruses are rising, slowly but there new ones being released.

At its heart, anti-virus software is little more than a glorified blacklist. It maintains an internal list of evil applications and their unique byte signatures, and if it sees one on your system, kills it for you. Sure, anti-virus vendors will dazzle you with their ad copy, their heuristic this and statistical that; they'll tell you (with a straight face, even) that their software is far more than a simple blacklist. It's a blacklist with lipstick. It's the prettiest, shiniest, most kissable blacklist you've ever seen!

Not true. Behavior/heuristic detection is a very good resource. That's why users have to turn off their AV before using some of the specialized tools in malware removal. They behave just like some malware and will be terminated.

But hey, who am I to try and tell a programmer that software is better than something that can be done with DOS or manually.

[evilfantasy]

So you are 100% sure that McAfee is blocking access to the MalwareBytes Web site?

[BC_Programmer]

yeah I pretty much disagreed with the same two points- but as far as Admin/limited this was made pre-vista and I think that MS addressed that issue at least partly with UAC and related security features.

As far as hueristics I think they work fairly well, especially in that they will find new "strains" of previously profiled viruses- and even can be set so that they detect any virus using a module or loader distributed between malware authors; Additionally I find it interesting how he says blacklists don't work and yet offers no reasonable alternative other then that now essentially made the default- run as a limited user. I think Vista and now Windows 7 have addressed the whole "running as admin" issue fairly well.