Wednesday, November 16, 2005

Microsoft, Symantec and McAfee are all brain dead but making billions

A couple of weeks ago, my Windows XP SP2 got infected by this nasty spyware/adware which keeps openning new browser windows of ads. It is so annoying that I had to stop it and the struggle continued for 3 weeks.

I first run McAfee virus scan, it can catch a lot of spyware and other PUPs (Potentially unwanted programs). I updated McAfee, tried to run it, but in the middle of the run, the machine automatically reboots itself. The Spyware knows how to protect itself?

I then uninstalled McAfee and installed the newest version of Symantec Norton Anit-Virus freshly downloaded from their web site. Boot the machine in safe mode, with network disabled, ran overnite, it found and removed some stuff. But the adware persisted. Keeps poping up.

I thought the adware is somehow tied to IE, so I switched to FireFox, no help, the thing is so smart, it opens new ad windows even when I browse with FireFox. Maybe FireFox was infected too.

So, I downloaded and installed Opera browser, which did not exist on the system. No help. Even when I use Opera, ads pop up after I view a few web pages. This thing is tough.

I then downloaded the Adaware Spyware removal tool from LavaSoft. No help.

A few days later, I uninstalled Noron Anti-Virus and tried to re-install McAfee, I thought maybe I got a new spyware and there are updates to catch it. Now McAfee can't be installed. McAfee requires you to use some IE components, and somehow the components were rendered defective. Anyway, McAfee can't run. The idiots at McAfee are so stupid, why don't they just provide a basic Windows standalone app? IE is a piece of crap, and McAfee requires the crap to work?? After many reboots, I finally got McAfee re-installed, but when I try to run Scan Virus, the program pops up some JavaScript error and can't continue. Apparently, McAfee's virus scan GUI interface is also based on IE, and when the crap somehow does not work, McAfee can't run. This is so lame--security software based on the insecure IE.

Did the spyware/adware just planted stuff to kill McAfee?

I then got rid of McAfee and tried to re-install Symantec's anti-virus. It can't be installed either.

I then downloaded Microsoft's AntiSpyware Beta from microsoft.com. I guess Bill Gates was hit by spyware and ordered his army of dummy programmers to hack out something (which scared the s**t off Symantec stock holders at some point).

Microsoft AntiSpyware found and removed some stuff. But no help, the bad guy persists. The most brain dead aspect of the Redmond dudes is this: when it found some bugs, and you stopped the scan, it gives you no chance to remove the bugs already found, you have to start all over. With all other scanners, when you stop in the middle of a scan, you can proceed to remove the bugs already found.

Maybe the Spyware author is so smart, he wrote code to screw McAfee, Symantec and Microsoft? My PC is an AMD Athlon 64 machine, it also has Windows XP x64 installed as dual boot. So I booted into the 64 bit environment, my plan is to run anti-vrirus and spyware sweepers from there because it's not infected.

Disappointing! The Windows x64 has been out for a year and Symantec and McAfee do not support 64 bit! They both balk at the middle of install.

Microsoft AntiSpyware and LavaSoft's Adaware can be installed under Windows x64. But after running them on all the hard drives (including the one with Windows XP 32 bit), and booting back to XP 32, the Spyware is still there. It is laughing to my face. I felt so mad!

I tried all sorts of things, like deleting suspicious drivers, DLLs, updating Windows, etc, etc. No help. I snooped the TCP/IP traffic and tried to configure the router to block the sites the spyware was trying to visit. No help.

I had to work under the Windows x64 environment to avoid the spyware. But, when I needed to use Adobe to create PDF file, I had to go back to 32 bit, because the Adobe PDF Distiller is a printer driver, and 32 bit drivers won't work under 64 bit.

I used the System Restore feature to restore XP 32 bit to a date before the infection. No help.

I thought about re-installing the Windows XP 32 bit. But that would be a pain.

Eventually, I decided that I should try some other anti-spyware products. After trying a few without success, I stumbled on to WebRoot Spy Sweeper. It says it can even detect and stop rootkits.

I installed WebRoot Spy Sweeper. I did not reboot.

Immediately, the Spy Sweeper stopped the Spyware, it intercepted the spyware's attempt to access a seceret web site, potentially for retrieving new ad URLs. It discovered the Spyware in memory. Now, I ran sweep, alas, over 70 bugs were found, and quickly removed. Microsoft AntiSpyware, Symantec Anit-Virus both run so slow, it takes a whole night to finish, and they fail to catch the bugs. The Spy Sweeper finished scanning 3 disks each with 200GB in just a couple of hours, and it discovered so many bugs. Most importanly, it caught the most annoying bug and killed it right at the spot. The bug is dead, justice and revenge is quick and sweet.

It is clear that the WebRoot Spy Sweeper is light years ahead of Microsoft, Symantec, McAfee and LavaSoft in anti-spyware technology.

On the interface design, Spy Sweeper is 1000 miles ahead of these big but stupid companies. The most brain dead interface is Microsoft's. The most annoying is Symantec's. The most fragile is McAfee's.

WebRoot Spy Sweeper proves one thing: one genius is greater than 100,000 idiots.

3 Comments:

Anonymous aproximado said...

dear Sharikou, that is one reason why not to use Internet Explorer to surf.

You mention you installed other browser software such as Firefox and Opera but you did not realize the "problem" was in already since IE works into the core of the Windows OS.

I found this same kind of problem many times, lots of customers erased everything and reinstalled but the solution to Spam and Phising is in AntiSpam softare, as you mention. Viruses are of a different kind, even i both annoy us in the same quantity.

Cheers

9:33 AM, January 12, 2006  
Blogger NRecob said...

I use WebRoot Spy Sweeper and TrendMicro Internet Security 2006 and I don't have any problems--occasionally cr*p sypware/viruses *try* to attach themselves to my system and fail ;)

10:45 PM, January 25, 2006  
Anonymous Ninth said...

Dumb people get infected in the first place.

2:45 AM, January 31, 2007  

Post a Comment

Links to this post:

Create a Link

<< Home