Anti-virus/security software sucks
To celebrate symantec-sucks.blogspot.com's existence I have decided to finally upload my avsucks folder.
I know that these images go off the edge of the screen but I don't mind. I don't have time to make it elegant by resizing crap, so just go away if you don't like it. I've also off-turned the bar of sides on this post for to make things fit better-ish like (and such).
Even Microsoft is not exempt from gamma retardation rays:
There was an error while downloading the "mallware signeture".
McAfee uses the most exploitable, most easily broken engine within Windows to do all of its most important functions, such as updating, scanning, and uninstalling: Internet Explorer's ActiveX garbage!
McAfee doesn't stop there, though… they want you to remove their competitors because they can't be arsed to figure out what they did wrong. I say "they did wrong" because there's no way Spybot is causing whatever problem McAfee is trying to avoid here.
So begins the barrage of Norton/Symantec images. The first one is a common one (already found on the Symantec-sucks blog but I had to post it anyway).
So you're able to tell me it's running in the background, but you're not able to just bring that window forward? What if that background process gets stuck or produces an invisible error message (can't rule anything out when it comes to Symantec)? It could potentially say "please wait" for the rest of your life!
This screenshot seems kind of normal until I tell you that I took this screenshot in August of 2007 with fully-updated definitions. I feel safe knowing there hasn't been any virus outbreaks since February 2006!
Since I requested that LiveUpdate open up, why don't YOU wait until later and then open it FOR ME when you're ready? Will you ever be ready? Again, why can't you just bring the "background" session into the foreground?
This set is a one-two punch that speaks for itself. In the second shot, I've launched LiveUpdate so I can see which programs are still registered with LiveUpdate (which is what the first shot is bitching about).
Why are these things blocked by default in Norton Internet Security?
Because I've chosen an option other than what Symantec deems correct, it wants to "fix" the setting and put it right back to automatic. I didn't want automatic Windows Updates. I want to choose when to install them! Oh god, my computer is broken! Please "fix" it!
What the fuck, Symantec. What the fuck:
This virus was a ridiculously easy one. Unfortunately, Norton made it infinitely harder. You see, even if Norton can't do anything with a file (as usual), it locks it so you can't do anything either. After killing Norton's processes off, I was able to unregister this DLL and simply delete it. Yes, I was able to click it in Explorer and simply delete it. Norton won't even offer to delete it upon reboot, close any programs that are using it, or anything. It just says "nope, I can't help you – but I won't let you help yourself, either, so here's a ton of file locks to keep you from touching this file ever again".
Symantec's errors are certainly not limited to actual use of the product. You can't uninstall it either.
Since an error occurred during uninstallation, the recommended course of action is to uninstall it and reinstall it before uninstalling it:
The last entry is not Symantec's (yay!), but it's indicative of the same ineptitude in software engineering.
Trend Micro's security offerings are also kind of shitty. It wants to remove Spywareblaster for you because the developers couldn't be arsed to fix their whitelisting software. Yes, it's their fault, not Javacool's (maker of Spywareblaster). When Spywareblaster's immunize functions are activated (a bunch of ActiveX "kill bit" entries in the registry), Trend Micro's whitelist software goes nuts and takes up all of your processor's time to make an infinitely-growing .dat file. The method Spywareblaster uses to immunize is legitimate and is supported by Microsoft for the exact purposes Spywareblaster is using them for. I think Symantec outsources to Trend Micro or vice versa.
Good stuff.
The future of Symantec error messages:
An error has occurred during installation. To fix this problem, you must click yes if you want to not uninstall the installer to reinstall the install or no to not reinstall the installer to uninstall the install. Press yes or no only if the uninstaller's reinstaller is present to reinstall the reinstaller's uninstaller.
Merry Christmas buddy.
Hi Guys,
Bookmark this FTP Site:
ftp://ftp2.symantec.com/public/english_us_canada/removal_tools/
This folder contains the two downloads for tne NT and Win9x versions of the Norton Uninstallers.
I recommend you use them at every opportunity.
Kind Regards
Simon
Nice screen captures. Do any of these companies have any Quality Control what-so-ever?
Merry Xmas.
I have personally moved away from ALL the main AV programs (Norton, McAfee, Trend). My personal recommendation for AV protection is AVAST Antivirus… I have found no better AV protection, and the price for home users is $0.00….
But wait…. Norton said it would HELP my system! Norton wouldn't lie!
Another page of interest is http://www.pcdecrapifier.com which features PC Decrapifier.
It is a program that removes pre-installed applications (like those from Norton, McAfee and Symantec) from a newly bought computer.
Ah yes, selling security from companies who's market would disappear if their products worked as they should – kind of a conflict of interest, eh?. Humans are such easy prey…
http://www.av-comparatives.org
These companies are unbelievable… they can make decent security programs, as seen in their corporate products; why they don't just sell those to the general public, is beyond me.
Maybe i just ain't smoking the stuff they are to understand…….
i dumped norton long time ago. why do they have to put the updater as a stand-alone program? oh ya, and it is kept installed after uninstalling the ant-virus. you surely want live update to update your… live update program? :P
i use kaspersky these days
cheers
Willy Hamra
Here's one: AVG Anti spyware (latest version according to the website on 9th feb 2008)
Just after turning my pc on (amd64 3.2mhz with 1/2 gig ram) it was running like a dog with 2 legs.
Process explorer shows avgas.exe & guard.exe taking up 100% of the cpu (both avg antispyware)
Not just me with the problem…
Have a look at the avg forums !
WANKERS
AVG was good at what it originally did and still is but now is making a complete arse out of itself
I guess nobody can win. I've had a bunch of problems with avast!, so we're switching to AVG free (for customers). Now AVG has engine issues. They all have engine issues because all antiviruses suck >:(
Bloody bollocks, and all that.
I'd like to make a McAfee sucks page after dealing with McAfee's horrible products. I have a few screenshots of how stupid this software is, it makes no sense.
I like and use AVG, haven't had any real trouble with resource usage, and it updates unobtrusively and does a decent job of detecting viruses, plus I like how it doesn't nag you like Norton or McAfee does.
Very impressive and interesting topic. At least it's really broaden my knowledge and I'll update it asap. A bit of advice, DO NOT use norton as those software can not be trusted. I still got a lot….I mean a lot virus attact during my browsing through the internet.
What are you doing that you get attacked so frequently? And yes, Norton products are crapware, but the corporate Symantec products (usually) are not.
I to date have un-installed 1000's of norton/mcafee infected machines there products just aren't up to the job and in a many cases cripple the machine or mess up the networking protocols. I have install AVG/Antivir Free on residential machines for free. AVG free edition is good for normal users and seems to remove most virus's fairly sensibly I find that you need to turn the daily schedule of a scan of as it hits performance just as you start the machine – turn that of during installation of after in the scheduler.
Antivir has a massive detection library and updates seem to come all day and all night and all weekend! Antivir is also more efficient on CPU/Memory than AVG in my experience. Antivir is truely bruttal at removing virus's so I would recommend it for gamers, the vulnerable and younger people (under 18's). I cant offer much advise on other programs other than I have tried Bit-Defender in business scenarios and it seems to perform fine, other people also seem to rate Sophos for business. Symantec must be owned by Apple or Sun as its only helping people to drive people away from windows to Linux and Apple.
Norton and McAfee are the worst antivirus programs I ever had. Those dumps seemed so familiar it made me laugh! Anyway, get Eset NOD32 for antivirus or Eset SmartSecurity for firewall, antivirus, worm protection etc. Been using it for a year, never a problem. AND it uses like 20% of the resources Norton and McAfee do.
Note: Symantec's corporate antivirus was originally made by Intel (a part of "LANdesk") and it is almost exactly the same today as it was when Intel first created it – that's why it isn't totally horrible. The detection rate feels about the same as Norton Antivirus, and it catches a lot less spyware pieces than anything else out there.
I use Avira these days. It seems to work quite well, doesn't nag but for a banner when updating.
It's free and German. Also, it always comes out quite to very good in comparatives.
I've been fixing computers for 11 years. I havn't touched norton products since 2003. Their last half ok version. Pc-Cillin also has a far share of troubles. Not as much as Norton or McAfee. Avast and Kaspersky are the only ones I touch these days. They are not 100%. AVG, although it tends to catch a few more viruses then Avast. It's so full of fucking bugs it's not funny. I can't count the number of times I've had to uninstall it and load avast in the last 2 years. VET is also down there with norton. Bottom line, There is no good antivirus. There is the free Avast and the more complete Kaspersky, but are simply the least bad out of the lot.
Wow I can’t believe how many people believe you know what you are actually talking about. It is obvious that you are not a technician and are someone that knows just enough to be dangerous. I will pick this entire post apart from the beginning.
First the Microsoft unable to download the Malware Signature the reason behind this is that windows itself is corrupted or there is malware blocking the install. You see that is what malware and virus do is attack what is made to eradicate it. Chances are that if you cleaned the machine or had a fresh install of windows you would not get this error.
The active x issue is simple enable active x there are safe programs and web pages that require it turn it one and bye bye error message.
Mcafee’s antispyware issue needing Spybot uninstalled to install properly. First thing this is not the only program that has trouble with Spybot when you try to install something. Most of the time the programs have trouble with the Spybot Tea Timer, which can cause problems when you are trying to install any program. Secondly why are you trying to install an antivirus antispyware program most of them are worthless and catch nothing. On top of which when buying any antivirus buy just the antivirus, the internet security programs a worthless and provide no extra protection. But you say they come with a firewall I need it…No you don’t a firewall does not stop viruses or spyware from infecting your computer, it is meant to block human beings from getting into your system, to prevent this don’t enable sharing and in this wireless age you have to have a wireless router to access anything wirelessly and the router is a much more secure ‘firewall’ than any software could hope to be.
Now onto the Norton, first I will agree that Norton is a memory hog; however your screen shot only shows the possibility of two things. First if this was a fresh install Norton automatically gets the updates for you, this is nothing new it has offered this option forever, it just doesn’t offer you the chance to skip it now. On the initial install for the past several years now you have not been able to view the live update on the initial install, also they have changed the live update where you no longer see what updates if any are there, they have found that most consumers paid no attention to this anyway. The second possibility is that if this is not a fresh install then you are not very smart for not running a full system scan, an antivirus can’t protect you if you do not run it.
The Norton outbreak tool , wow you took a screen shot of both and they have the same thing in each box under protected and unprotected. Oh my god Norton must really suck, or if you had half a brain you would realize this just means that your computer is clean and you have nothing to worry about.
Oh right once more with the live update since you can not let this go. Yes live update will run itself…amazing a program that updates itself because the people at Symantec are smart enough to realize that most of their customer base will not go get there updates on their own, this is the same reason people are still running windows 98/ME 2000 and XP service pack 1. If the program is updating itself in the background of course it will not let you open another instance of it there is no need to. Also Norton has provided taskbar icons which actually indicate that Norton is getting updates, how it indicates this even a monkey could see and since they change the animation from year to year I am not going to explain what each of them look like however the newest in 2008 is a little circle running over the bigger Norton circle icon.
As far as the firewall issue I covered that already as far as the ICMP and the file sharing being blocked, is simple the file sharing is how your computer get viruses in the first place the ICMP is something that the average user will never use so it doesn’t slow them down who cares. As far as the secure sites outbound this is protecting your credit card and other private information, I mean if you want you banking info out there for anyone to steal then go ahead and de activate it. Now if the inbound was blocked then you would have trouble view and working with the secure websites.
The automatic updates that Norton is complaining about are the critical ones you know the ones that plug know security holes in windows, which should be on because like I have stated already most people will not go get them themselves. Oh my windows is trying to protect me I need to shut this down immediately. As far as the event view since you didn’t actually open one up I have no idea what the actual error was but from what you have posted earlier I will feel safe in assuming that it is because you were trying to open multiple copies of the live update.
Your virus alert box is simple, Norton had nothing to do with you not being able to delete the Trojan. First off lets look at the file path it is in the system32 files which means the dll itself is probably running in the background. Since it is a running file of course Norton like any antivirus software will not remove it and you can’t go delete it either. You would have to stop whatever is causing the dll from running before it could be deleted. There is also the possibility that the Trojan is not a virus but spyware that also would explain again why Norton or any other ‘AntiVirus’ would not be able to remove it , most will find them but then you have to remove them.
The error during setup and Norton must be reinstalled. Well since I can not see your computer I am guessing you possible had a previous version installed and did not uninstall it before installing the new version. It will not install correctly if you had a previous year on their installed, or any other antivirus program installed for that matter. Multiple antivirus programs are bad they will protect you from nothing then because they will be too busy fighting each other.
As far as the trend micro wanting spyware blaster wanting it removed who cares. Spyware blaster serves no real protective value anyway. Run Firefox and the program was useless years ago. To protect yourself under IE here is an outrageous idea stay off of bad sites . Spyware blaster was meant to keep you off known bad sites . Now we use to use it on customer machines because we couldn’t hold their hand after we cleaned their computer up and it worked. You claiming to know what your talking about should now what sites spyware blaster blocks and should be able to not go there on your own. But then I guess its just to tempting to surf the net right into those deceased sites and infect your computer huh.
Heh, that's rich. I only know enough to be dangerous. Just so you know, none of these screenshots are from my own computer – they are screenshots from customer computers. I know why all of them happened, I'm just pointing them out for various reasons. I don't see why you would jump to such a conclusion and begin explaining everything like you did. Maybe you haven't read anything else on my site or wiki and have already passed judgement on me, and if that's the case, I don't care. I also notice you failed to read some (or most) of the captions.
1) I was pointing out the typo "mallware signeture". That's it. I know what the fuck the dialog is for.
2) ActiveX should not be used in a fucking uninstaller program. I repeat – ActiveX is not necessary in order to uninstall an antivirus program, and furthermore, it is incredibly scary that an antivirus engine would utilize one of the most commonly attacked (and easily broken) application platforms in Windows history. Don't you get it? What happens if IE breaks or gets infected… McAfee stops working because it uses IE and ActiveX as an engine? Jesus Christ.
3) I was trying to install the customer's purchased McAfee antispyware at their request, much to my dismay. You'll notice that it doesn't actually tell you that it's scared of teatimer. I can understand that, because teatimer is a piece of shit (and I force it disabled during installation), but saying that having Spybot installed at all on your system (using it only passively) isn't going to harm anything. You seem to be the one that's dangerous: not having any antivirus will catch a whole lot less than having one (that you claim catches nothing). Somewhere, sometimes, antivirus programs actually work – they're not fucking useless. Also, this isn't even an antivirus, it's antispyware. Yes, firewalls are garbage. Pay attention.
4) File sharing is not exactly what I was pointing out in the dialog (hint: it's the big blue highlighted line). Secure sites have been blocked. Why have secure sites been blocked? ICMP is basically just ping; who gives a fuck about that. Back to file sharing… it says it's blocked, but it's really not. You can access file shares with this thing installed by using the UNC IP address — it only seems to properly block NetBIOS name resolution. A lot of customers would like to share files between their computers. It's a common service call – please setup my computers to share files with each other. There's nothing dangerous about that at all, unless you open it up to the internet. Internet-wide file sharing is difficult to setup (because XP puts up a lot of roadblocks for obvious security reasons), so it's not like you can easily accidentally expose yourself. There is no good reason I shouldn't be able to see computers on my local network. Like I said, that particular rule doesn't even properly block file-sharing… just NetBIOS name resolution.
5) You can't run LiveUpdate because it's "already running", doing jack shit in the background (or breaking – see #7 below). The point is that you can't bring said background instance to the foreground to look at it or check its status or anything; it's a total bullshit lazy error message. This is a common problem across all versions of their engines and it doesn't matter when you installed it or how often you scan with it or update it. It does this frequently and it's retarded.
6) The point of the outbreak screenshot was the date. The data about outbreaks is fucking old. You don't think it's odd that there hasn't been a single virus outbreak from February 2006 through August 2007? Well, Norton thinks there hasn't because it's not updating the data (oh, and before you bitch and moan again, yes, the definitions were up to date at the time of the screenshot).
7) Yeah, I can't let go of the stupid error messages instead of bringing up a window telling you about the status of updates. This would be like if you double clicked a Word document that's already open, it gives you a warning telling you it's already open but can't do anything to help you, instead of just bringing forward the document that is already open. Oh, yes, that last part is what actually happens in Word – I was being sarcastic. I almost forgot that your reading comprehension is so low. Why are you defending lazy programming and bullshit error dialogs?
8) If a user chooses to manually download and install Windows updates at a time convenient to them, they should not be told that this option has to be "fixed" back to automatically installing and bugging you to reboot your computer every 10 minutes (until wuaclt inevitably does it for you). Choosing this option does not mean your computer is broken, needing to be "fixed". This is a case of Norton taking an annoying Windows feature (the nagging inevitably-auto-rebooting dialog) and amplifying it by pissing a fit that you might actually want control over your own PC.
9) You assume I ran Norton's updater every 5 minutes exactly (minus a second here and there from clock skew) often enough to create 2,318 entries while dismissing constant helpful "already running" dialogs? I didn't mention this in the caption above (which you wouldn't have read anyway) but I cleared the log before this event – all 2,318 events are this pair of messages, over and over. These occurred while I was working elsewhere on the computer, and/or other client computers at the same time. This must be that helpful automatic update service you were talking about, since users don't ever update the product themselves. Well, it turns out, if it's unsuccessful at it, it just keeps trying (and failing) the same exact way every 5 minutes. Since you can't bring the window to the foreground (that other screenshot you took issue with) and since it doesn't even tell you it failed when it fails, you end up with a computer whose antivirus is never updated, but constantly nags you to update it, but you can't, since it's already running in the background, failing, constantly. Get it yet?
10) I thought I explained this in enough detail, but I guess not. Norton was holding a file lock that I… fuck it, you don't really know anything about Windows internals anyway. The point is, I deleted the file from fucking Explorer of all places (meaning it was not running in the background) after I force-closed Norton's file lock. Norton was the reason it couldn't be deleted. Unlike other antivirus programs, it didn't even offer to schedule a deletion upon reboot, or anything. I can't understand how you missed the point on this one, too. Well, after all of this, I guess I can.
11) I understand that you can't see this person's computer, so I will let you know that it was the only Symantec product installed at the time. I was trying to uninstall it because it was causing nothing but problems (as usual). The point of the screenshot was that it helpfully tells you to uninstall it first, which is actually what I was attempting to do in the first place. Norton products are notorious for not installing, uninstalling, or upgrading properly. That's why there's a Norton removal tool (which sometimes crashes or says it's expired the day it's released, and still fails to remove 100% of the garbage (e.g., "Symantec Core LC").
12) Spywareblaster is not at all useless, and it even protects Firefox. It does a portion of what Spybot's Immunize function does, and has a different list, so together, they block quite a lot of crap. I don't know what your point was here either – I was describing Trend Micro's whitelist DAT file bug, which I have witnessed first-hand. Instead of fixing their problem, they just force you to uninstall Spywareblaster.
Is there anything else you forgot to misrepresent? I'm all ears!
Jason you are clueless and so far off, perhaps you are unconscious.
If not, you are so full of shit it is coming out your ears.
Mike
And Jason
This quote from you proves it!
You refering to Norton:
"this just means that your computer is clean and you have nothing to worry about"
Geeze!
Mike
Michael, good luck on your new career!
You will be missed!
All the best!
Mike
Damn, Mike, that's what you call a verbal beat down.
Thanks for all your helpful insight Jason. I'll file that between moonbat and moron.
Your defending of Symantec is like putting lipstick on a pig.
Thanks, please drive through and take your Norton 360 with you dumbass.
You can do it too JD! Grin!
Mike
I just thought I'd share this so that other can have some fun. So – I got banned by the Symantec "experts" from using their forums, since they apparently dislike being told the truth about their bloatware junk.
I guess they didn't like my answer to the above "cease and desist order", nor did they appreciate customer feedback about Symantec and their Endpoint Protection 11 (which still fails in a spectacular way after receiving two major and one minor service packs):
Sooo… on my next visit to their forums I have been greeted with the following warm welcome:
LMAO, great job, Symantec. What an ingenious way to treat annoyed customers who wasted money on your "enterprise class" product and wasted days of their time with your useless support somewhere in India after being on hold for hours.
To conclude: Symantec Sucks, big time! Do not buy anything from them!
Update to the above post – the morons have deleted ALL my posts on their forums – most of which contained work-arounds for their stupid SEP11 bugs unsolved for about a year now. Great company indeed. May I suggest that instead of buying their "corporate" products everyone can as well throw the money out of the window or buy themselves some decent beer and spend the time drinking it as opposed to debugging their junk.
nao estou conseguindo utilizar o nero 7 ou mesmo remover. diz que preciso shellmonger. voce pode me ajudar
The first part of your post is funny, i like the way you make post. What is your thought about AVG, that is the antivirus im using, i think it's better that norton.
Yes that's right….all antivirus software maybe bad and suck…in my experience i had been install antivirus software like bitdefender, avast, avira on my pc…i know that all antivirus it's not perfect at all…but now i comfortable with Eset Smart Security + Microsoft Security Essential…i didn't find problem on both software when installed on my pc…instead that both software so effective against virus/spyware on my pc until now…lol
Neither AVG nor BitDefender were able to find a crash virus on my computer, the result: It had to be taken into a computer repair shop.
BitDefender also finds LESS malicious files on your computer than Advanced SystemCare, which isn't an antivirus program and never claimed to be. It found over 5000, and BitDefender found nothing. The worst antivirus program is BitDefender. I think that the best is Eset Nod32, because it actually updates.
You see the virus writers want to stay ahead of the antivirus programs, regular updates are neccesary. Eset updates with the latest signatures, while BitDefender takes up 200% CPU, crashes your computer, and sits there as the crash virus oozes into your system. Nod32 actually has heuristic search, which means even if they don't have a specific signature for something, they may still detect it as a virus.
I hope people drop the shitty, outdated antivirus programs like AVG and BitDefender and go with a REAL ONE!