McAfee VirusScan Drops Poison Pill in Recent .DAT
from the problems... dept
Michael Buccino writes "Late last night, I responded to several calls from Windows users on our LAN that they were unable to log in. Their logins were hanging on the login script. After troubleshooting the problem, I found that disabling McAfee Antivirus cured the problem. This problem occurred with Windows NT and Windows 9.x machines." Michael then goes on to explain in more detail what the problem is and wants to spread the word. I have no idea of the validity of the claims, but figure I'll post this as a public service announcement. If anyone finds out any more about this please let me know. In the meantime, the details can be read by clicking the link below. Update: TheRegister has picked up on this story as well, though they also admit they don't fully understand what's going on either.Late last night, I responded to several calls from Windows users on our LAN that they were unable to log in. Their logins were hanging on the login script.After troubleshooting the problem, I found that disabling McAfee Antivirus cured the problem. This problem occurred with Windows NT and Windows 9.x machines.
I then queried users as to whether they had updated their virus definition files (.DAT files)lately. In turns out they had. Further investigation indicated that the 4102 McAfee .DAT update was the source of our problem.
When I tried to call corporate technical support at McAfee, I was put on hold, told by a recording that it would take a long time to answer my call due to extended call volumes, and given the Kevorkian disconnect.
Frazzled by now, I called our sales rep at NAI and asked if he knew anything about the latest .DAT file causing problems. He went through his e-mail and found that, indeed there was a problem with the 4102 .DAT file. He forwarded the information to me. Here is a portion of the internal NAI e-mail referring to the problem:
"We believe we have found the problem and are creating a new set of DATs. We STILL have not been able to reproduce the problem, or had absolute confirmation that there is any engine other than 4.0.02 that has the problem.Every customer that has been worked with out of the Aylesbury QA lab has had the 4.0.02 engine.
If any one has reproduced the problem internally with another engine please contact me directly. No one in AVERT, has reproduced this, nor has there been any absolute confirmation from a customer site.
In light of this we are going to REV the DATs to the 4103 ASAP.
I'll update you ASAP on when this will happen, but at this time we are looking at 1-2 hours for this to happen.
In addition, we are pulling the 4102 DATs and rolling back to the 4101 DATs.
We are also working on a statement that will be posted to the web ASAP."
Well, that was this morning and now it is late afternoon on the West Coast. I went to McAfee's web site and saw no announcement. I bear them no malice, but want to inform Techdirt readers that they will experience this problem if they have the 4.0.0.2 engine, and not just with Windows NT computers. The fix is to uninstall McAfee and reinstall, and then update to the 4103 update. Or choose another product.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Yay for McAfee!
Coincidentally, so did several friends of mine who were QA engineers. ;)
[ link to this | view in chronology ]
NAI and the Poison Pill
In it, they blame their customers for having old virus engines. Guilty. Fixed the problem by choosing Norton AntiVirus.
Thank you for your input.
[ link to this | view in chronology ]
Re: NAI and the Poison Pill
[ link to this | view in chronology ]
DAT file problems at McAfee
My latest problem is that after downloading 4161xdat.exe and trying to install it, I get a message "Unable to find any qualifying product(s)"
Anyone know what this means? Do I need to buy the latest McAfee AntiVirus software. I was using ver. 4.0, have since switched most of my computers over to Norton AntiVirus 2001.
As an network administrator for the past five years, McAFee has never given me a virus alert; whereas, Norton has notified me of viruses upon installing it. Does McAFee work?
[ link to this | view in chronology ]
McAfee AntiVirus (5.21.1000)
[ link to this | view in chronology ]
Re: McAfee AntiVirus (5.21.1000)
Customer service has been non-existent. Recently, when I went to "scan" online, it said I was not protected!!!! Went to the corresponding website and it seemed I'd have to download another product. I was reluctant, but eventually I did and found I had a virus from 4-2000. Their online scanning did NOT pick this up before.
Supposedly, I was properly enrolled, it would even show a pop-up screen that would "scan" my system. Then the warning message, etc., I am somewhat confused. Except that perhaps the product(s) is/are cr**.
I rue the day I purchased anything McAfee.
[ link to this | view in chronology ]
Re: McAfee AntiVirus (5.21.1000)
I had to remove McAfee, uninstall the modem drivers, disable the COM port, enable the port as a different COM port number, and reinstall the modem drivers. While I suspected McAfee to be the culprit, I wasn't sure -- so ...
I tested the modem with several dial up sessions & various programs. OK. I re-installed McAfee, and as soon as the program & definition updates finished: BANG -- the modem was locked up tight as a drum.
Again, I had to uninstall & reinstall everything -- right down to the COM Port. But when I re-installed with Norton Antivirus 2001 (since 2002 doesn't support Win 95), everything is A-OK.
I have also had customers who run McAfee and keep their definitions up to date get infected with viruses -- which their friends and co-workers' copies of Norton identified.
[ link to this | view in chronology ]
mcafee antivirus problems
Prior to installing mcafee antivirus AND the personal firewall my problems were minor.
After I installed the the above items I could not do any browsing, after a dial coneection. Any other application that was ruuning ok prior to dial up to the internet frezzed.
Right after dial up I got a warning that a "virus" was trying to mail itself. After that warning the pc frezzed.
I reboot several times but the problem appeared esactly the same way.
I am starting to dislike mcafee...
Their instruction in the web site to solve the xxx@mm virus problem is confusing and fragmented.
HELP !!!
[ link to this | view in chronology ]
Re: mcafee antivirus problems
[ link to this | view in chronology ]