Using V 3.8.65951.477
Twice in the last week D+ has logged that it has blocked a Create Process request initiated by
C:\Program Files\McAfee\SiteAdvisor\Download\SacSetup.exe The target is
C:\Windows\Temp\SiteAdvisor\saInst.exe
After the fact, I can find neither SacSetup.exe nor saInst.exe. I’m guessing that some McAfee component is downloading SacSetup and when it fails to create saInst that SacSetup is deleted too.
I have not seen the blocked Create Process happen so I guess it has happened at some random time when I was not using the machine.
“McAfee, Inc” is listed as a trusted vendor. Maybe SacSetup does not have a matching certificate?
I do use McAfee SiteAdvisor via Firefox. I’m not especially unhappy that D+ is blocking the update (sneaky McAfee updates make me unhappy) but I’m still interested in knowing why it is being blocked.
Is there other info I could gather to help figure it out?
I don’t have the answer to your question, but thought I’d mention that Site Advisor is likely not worth using.
I read a few articles recently that their site data can be as much as a full year out of date! Not very comforting if you are basing a sites ‘safety’ on what McAfee has to say about it.
Any suggestions for a similar app that can keep its database (more) up to date?
I need it to work in Firefox.
In the meantime I figure SiteAdvisor is better than nothing.
–Larry
Have you looked at Web Of Trust? A plus with this system over SiteAdvisor is that the user community can also add their input on sites. Instead of a single entity giving a bad/good rating, you have thousands of actual users as well.
It’s interesting to note that even if a site is given a bad rating by mistake, the site will be on probation for a length of time depending on what the severity of the bad rating was. (Meaning, another scan won’t be made until the probationary period expires) 60-270 days for email considered spammy and 30-365 days for a web exploit. This probationary period even applies to those sites that pay $895 a year for McAfee to scan their sites daily. So even if you’re paying them almost $900 a year and they make a mistake on your site, you’re ■■■■■■■ for anywhere from a month to a year! :o
But the big problem is those sites that get a good rating and then change their site to a malicious nature. McAfee will show a site as being trusted even if it is serving malware! It can be several months before they bother to scan the site again. The second article mentions a web site owner pointing out that SiteAdvisor shows several green links in association with his site, but those links haven’t been on his site for over six months…
Like I mentioned in my first post, SiteAdvisor doesn’t sound like anything I could rely on to keep my computer safe.
I got rid of McAfee SiteAdvisor and now have WOT. Seems to be working fine.
I took a quick look at Finjan. I agree that it looks like something that examines the site in real-time. I’ll take a better look at it in the next few days. I don’t think I know how to tell if a real-time look is any better than what WOT does.
Thanks for the input…
–Larry