LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 05-10-2021, 12:30 PM   #1
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Mint
Posts: 17,808

Rep: Reputation: 742Reputation: 742Reputation: 742Reputation: 742Reputation: 742Reputation: 742Reputation: 742
McAfee pop-ups


I'm currently running a W10** laptop...which came with a trial version of McAfee antivirus, which I have no intention of keeping. Periodically, I got little "nag notes", saying that I need to buy and install McAfee before the trial runs out.
Many months ago, after discusssing with a McAfee rep, I removed any and all traces from the hard drive---but now the issue is back.

In Another discussion today, the story changed a bit. The rep suggested that some 3rd-party promotion might be doing this- 'IOW: " if you are getting those notes after uninstalling the SW, then they are not our doing."

Anyone out there know how I can keep them honest?


**Don't ask........
 
Old 05-11-2021, 12:45 AM   #2
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 17,235
Blog Entries: 10

Rep: Reputation: 5160Reputation: 5160Reputation: 5160Reputation: 5160Reputation: 5160Reputation: 5160Reputation: 5160Reputation: 5160Reputation: 5160Reputation: 5160Reputation: 5160
Possibly not the best question for a Linux forum, even in the General section...
My advice (years out of date):
  • install some software that really does its best to completely uninstall things. I used to use this, but I forget the name of one that wasn't scamware.
  • Registry editing
  • Full reboot after every action (not the hibernation that Windows laptops default to afair)
 
Old 05-11-2021, 02:11 AM   #3
cynwulf
Senior Member
 
Registered: Apr 2005
Location: Walsall, UK
Posts: 2,630
Blog Entries: 7

Rep: Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150
After a quick search of the web: https://answers.microsoft.com/en-us/...b-690ab1f8ed8f

This is in line with my own experience of Mcafee - it's often difficult to remove without using their "removal tool". If you have a Dell device, it's worth noting that they own Mcafee, hence the preinstallation.
 
Old 05-11-2021, 07:21 AM   #4
obobskivich
Member
 
Registered: Jun 2020
Posts: 290

Rep: Reputation: Disabled
Quote:
Originally Posted by ondoho View Post
Possibly not the best question for a Linux forum, even in the General section...
My advice (years out of date):
  • install some software that really does its best to completely uninstall things. I used to use this, but I forget the name of one that wasn't scamware.
  • Registry editing
  • Full reboot after every action (not the hibernation that Windows laptops default to afair)
I believe the program was called 'ccleaner' but that may very well contain malware at this point too (it seems this is the fate of most every windows 'freeware' or 'shareware' application once it becomes famous).

Look in the 'startup services' (assuming Windows 10 still has such and that it hasn't become placebo settings to prevent you from disabling the ads) at (run 'services.msc') and see if there's anything in there mentioning McAfee - disable that, but also potentially find where the other portions of this spyware are and delete those too. Look in the registry too (if I remember right regedit allows search via ctrl+F).
 
Old 05-11-2021, 07:45 AM   #5
boughtonp
Senior Member
 
Registered: Feb 2007
Location: UK
Distribution: Debian
Posts: 1,330

Rep: Reputation: 1126Reputation: 1126Reputation: 1126Reputation: 1126Reputation: 1126Reputation: 1126Reputation: 1126Reputation: 1126Reputation: 1126
Quote:
Originally Posted by obobskivich View Post
I believe the program was called 'ccleaner' but that may very well contain malware at this point too (it seems this is the fate of most every windows 'freeware' or 'shareware' application once it becomes famous).
I would agree with many, maybe even most, but not every - WinRAR is an obvious example that (afaik) hasn't sold out.


Quote:
Originally Posted by https://en.wikipedia.org/wiki/CCleaner#Critical_reception
CCleaner 5.45 incorporated a data collection module that collected information from computers without the consent of their owners
...
In December 2018, it was reported that users installing CCleaner would also have Avast Antivirus installed without their permission
...
in September 2017, CCleaner 5.33 was compromised by the incorporation into the distributed program of the Floxif trojan horse that could install a backdoor, enabling remote access to 2.27 million infected machines.

Best way to remove the malware is to completely wipe Win 10, and then use Wine instead - or, if it's absolutely unavoidable, a locked-down VM using a fresh ISO from Microsoft.

 
Old 05-11-2021, 11:10 AM   #6
cynwulf
Senior Member
 
Registered: Apr 2005
Location: Walsall, UK
Posts: 2,630
Blog Entries: 7

Rep: Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150
Quote:
Originally Posted by obobskivich View Post
I believe the program was called 'ccleaner' but that may very well contain malware at this point too (it seems this is the fate of most every windows 'freeware' or 'shareware' application once it becomes famous).
Very true.


So ccleaner turned to crap as well? I haven't used it since those quoted incidents in 2017/2018 and won't be revisiting now. Thanks for posting that info.

I would add "Foxit Reader" to the list...

https://en.wikipedia.org/wiki/Foxit_Reader#Issues
Quote:
With version 6.1.4, the Foxit installer was bundled with potentially unwanted programs like OpenCandy which installed the browser-hijacking malware Conduit.[citation needed] Following complaints from users, it was removed after version 6.2.1.

In July 2014, the Internet Storm Center reported that the mobile version for iPhone was transmitting unencrypted telemetry and other data to remote servers located in China despite users attempting to opt out of such data collection.[9]
 
Old 05-11-2021, 12:35 PM   #7
kilgoretrout
Senior Member
 
Registered: Oct 2003
Posts: 2,842

Rep: Reputation: 326Reputation: 326Reputation: 326Reputation: 326
You might try installing and running malwarebytes:

https://www.malwarebytes.com/mwb-download/

The free version should be adequate for this task. Malwarebytes is very good at detecting and removing both malware and "pups"(potentially unwanted programs). Pups are those applications that get surreptitiously installed along with a desired application.
 
Old 05-11-2021, 02:12 PM   #8
obobskivich
Member
 
Registered: Jun 2020
Posts: 290

Rep: Reputation: Disabled
Quote:
Originally Posted by boughtonp View Post
I would agree with many, maybe even most, but not every - WinRAR is an obvious example that (afaik) hasn't sold out.
I was being admittedly facetious, hence 'most every' - sure there are examples that aren't awful, 7zip is another, but it's just a headache to keep track of it all - one of the reasons I agree with your second point:



Quote:
Best way to remove the malware is to completely wipe Win 10, and then use Wine instead - or, if it's absolutely unavoidable, a locked-down VM using a fresh ISO from Microsoft.



Quote:
Originally Posted by cynwulf View Post
So ccleaner turned to crap as well? I haven't used it since those quoted incidents in 2017/2018 and won't be revisiting now. Thanks for posting that info.
I don't know if it 'recovered' or not - that's around when I stopped dealing with Windows more generally. The Wikipedia page implies it did not, with a 'disclosure' of a second malware bundling in 2019

Quote:
I would add "Foxit Reader" to the list...
That one is 'well known' I thought (and an example of the 'most every' point - there's jsut so much garbage Windows-side) - and I never understood the selling point for it (Foxit) either, since Adobe gave Acrobat away for free, and later browsers integrated it as a plug-in...

Quote:
Originally Posted by kilgoretrout View Post
You might try installing and running malwarebytes:

https://www.malwarebytes.com/mwb-download/

The free version should be adequate for this task. Malwarebytes is very good at detecting and removing both malware and "pups"(potentially unwanted programs). Pups are those applications that get surreptitiously installed along with a desired application.
Note that MalwareBytes will happily sign you up for auto-billing if you let them, and its a pain to terminate it. I have no reason to believe the program itself is 'bad' though, they're just fans of the hard-sell subscription it seems.
 
Old 05-11-2021, 02:26 PM   #9
Bonzoo
Member
 
Registered: Sep 2018
Location: Costa Rica
Distribution: Antix21a2,Parrot rolling,MXfce19.4,Sparky Openbox
Posts: 195

Rep: Reputation: Disabled
Quote:
Originally Posted by cynwulf View Post
After a quick search of the web: https://answers.microsoft.com/en-us/...b-690ab1f8ed8f

This is in line with my own experience of Mcafee - it's often difficult to remove without using their "removal tool". If you have a Dell device, it's worth noting that they own Mcafee, hence the preinstallation.
Video on the topic BTW I was in college with John(mostly at the bars)


https://www.youtube.com/watch?v=bKgf5PaBzyg

Last edited by Bonzoo; 05-11-2021 at 02:33 PM.
 
Old 05-12-2021, 11:34 AM   #10
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,139
Blog Entries: 4

Rep: Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227
"Anti-virus (sic ...) software" turns out to be a commonly-exploited vector for installing malware.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ups not able to communicate with ups software beopen Linux - Software 2 09-15-2014 03:22 AM
APC UPS backup-ups ES RJ-45 augurseer Linux - Hardware 3 11-18-2009 11:32 PM
stopping pop-ups with iptables fuxored Linux - Security 13 06-27-2002 10:54 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 11:12 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration