Roy of Superior Art Creations

McAfee Security Center and Issues with AntiVirus Solutions in General

I am using McAfee Security Suite and are very unhappy with it. I was contacting support and also expressed my issues at their user support forums. I got responses back from other users and learned that there are currently no real solutions for the fundamental issues that I encountered.

See my McAfee Support Forum Posts:

• ??White Listing False Positives
• ??Sending Files to McAfee

I could not believe this and started to get really frustrated. I am looking for a long time for proper Anti virus and anti spyware solutions for my personal and professional use in my home network, but got disappointed with everything I tried so far. That the anti-virus software industry is in such a bad shape, which got only worse over the last years, I refused to believe at first. But then people contacted me privately and we exchanged some tips and experiences and it seemed that there was no other way around than facing reality.

Last years final issue of the German computer magazine CT (Magazin Computer Technik Issue 26/2009) by publisher Heise included a review of the 2010 versions of the Anti-Virus software solutions AVG Anti-Virus Professional 9.0, Bitdefender Antivirus 2010, Bullguard Internet Security 8.7, F-Secure Anti-Virus 2010, Kaspersky Anti-Virus 2010, McAfee AntiVirus plus 2010, Microsoft Security Essentials, Norton AntiVirus 2010 and PC Tools Spyware Doctor with Antivirus and ThreadFire.

I am still a subscriber to the magazine (the print version), even here in California, because nothing I have seen here in English comes even close to the quality and depth of CT. It would be like comparing Notepad with MS Word or MS Paint with Adobe Photoshop. There is unfortunately no English version of the magazine, which I feel very sorry about and for you, if you don???t speak German.

The tests revealed already what I had feared, but more so did the editorial of that issue, which was about the state of Anti-Virus software, written in a narrative and funny way to cope with the actual sadness of things in this industry. It is titled ???Protection for Others??? and was written by Gerald Himmelein. I am posting a translation of this editorial here. The original German version can be accessed online and in PDF format from this page at the Heise.de web site. This editorial sums up my own experiences and frustrations perfectly.

Protection for Others

by Gerald Himmelein – Editorial for CT Magazin 26/2009 from December 2009

On an IT conference somebody invited me to check out the beta version of a program, accompanied by a nice female opinion researcher. Basically, i found the application okay although for me personally it lacked some features. Immediately several people came into my mind, who would get along with it pretty well.

When I said that the smile in the opinion researcher???s face briefly froze. After we were done, she explained somewhat frustrated that she was hearing this phrase over and over. At the end, the program never hit the market: nobody wanted to use it, all wanted it simply press it on to somebody.

This incident came intro my mind during the Anti-Virus Scanner tests (from page 98). For each test object I instantly knew somebody who would be a perfect fit for the solution. For some of the programs people came to mind that I did not like very much. Certain providers seem to want to punish their users for the legitimate purchase of their product.

Seen several times: The scanner locks away a harmless program without asking into the quarantine.
Just when you fought back its freedom (Do you really don’t want to abort?”), the background guard hits and kicks the just restored file back into its prison cell. Even the best performance can not make up for this.

Also nice: a few scanners make a big fuss if they find the tracking cookies that were swallowed by the web browser as if they had just detected extreme dangerous malware. If one day a real threat comes along, the user probably only responds shrugging one’s shoulders: Can’t be so bad. Desensitization through Hysteria.

Every single or last one of the virus-protectors cares a great deal that the user will notice how super-active he is being protected because of them. Details are held back, such as the age of the virus definition. If the scanner gives an alert, he disguises the true nature of the threat with cryptic abbreviations, which remain unexplained for the most part. “Trojan” is used as generic classification, for malicious key-loggers as also for completely harmless PC-Demos.

After finishing the tests of the current generation of scanners, I remain hesitant towards the decision, on which of those “horses” I should bet on privately. Without a “condom” into the Internet isn’t a solution either.

If we should bump into each other one day, you rather don’t ask me which virus scanner you should use. If I am in a good mood, I will only look at you unhappy. If I am in a bad mood, I might get myself to actually make a (poor) recommendation. I might suggest to get a Mac instead.

The Editorial depicts exactly the behavior of McAfee???s AntiVirus solution, but I also used other software solutions in the past myself and encountered similar issues, just not as bad yet ad with McAfee. With McAfee several tools that I frequently use ended up in the quarantine without a white-list option.

Still no news from McAfee. I am still completely irritated at this lack of fundamental features and could not believe that I am dealing here with the same company whose products were the first anti-virus software I knew about and used for year (1991-2000). I then used various corporate versions of other anti-virus software, including Kaspersky, through my former Employers. I got self employed in 2007 and looking for a good anti-virus/spyware solution for my personal/business home network ever since.

I wasted money any several solutions and stopped shopping around for the moment. I won’t touch Norton Anti-Virus by Symantec unless they turned around to become as good as McAfee appears to have gone bad.

I used to be happy with Spybot S&D in combination with the old Microsoft Defender (while it was still in beta and not a “full product package”), but both of those products turned sour a couple years ago.

I had Avira, which sucked. The default settings of their full protection suite basically removed the machine from the network, including the home network, not to mention the internet and impossible to configure properly, even for somebody who actually knows more about computers than the average user. It also sucked the life out of the machine while it was running in the background.

PC Tools Anti Spyware + Anti Virus was okay and did not eat up too much resources. You could also exclude stuff, like video files (based on extensions) or even specific files by path and file name.

However, I don’t trust it to be as up to date as it could and should be. It can also be rendered disabled by an attacker too easily. I experienced this first hand, when I literally saw how a Trojan infected the machine and finished it off in no-time. It saw the attack, wasn’t able to block it. Claimed that it caught and removed it and then kept silence ever after, even when I knew that the machine was not cleaned properly. Super Antispyware together with Spybot S&D and some help finished it off eventually.

I still use Super Antispyware (free Version) as a once in a while full system scanner/double checker, but don’t use the real-time protection of it.

LavaSoft Pro used to be the king of the Anti-Spyware/AdWare removers and blockers, but their once slim and efficient shareware tool also turned big-business and that was the end of it.

Who is left to check? Sophos? Trend Micro and Kaspersky I guess. Kaspersky has a good reputation, but I have not checked out their offers yet. I have seen too much good turn bad that I am reluctant to waste time and money once more on things that have little to do with what I do to make a living (using a computer).

Poorly designed user interfaces that are hard to use, too little transparency and information given to the user to be able to make a conscious and educated decision, combined with varying results regarding detecting threats that miss as much real threats entirely as they have false positives. Things went from bad to worse with little improvements by some providers in a few areas, but too little. In the article with the tests itself, CT also could not make a honest recommendation for any product that they tested (so the joking in the Editorial was not a joke after all). Finding the right combination is currently the only way to go at the moment; nothing easy to do.

Things got harder for the protection and scanner tools, certainly. They know that they are currently losing a war, so they should be a bit more helpful with providing users with as much and specific information, options and suggestions and also tools that the user himself can make the final calls at the end of the day. They go into the complete opposite direction instead and play the “risk management” game by numbers and odds calculated against the cost of development versus possible loss in revenue. I don’t gamble and don’t want to gamble.

I am always open to hear new ideas, recommendations and options, if you have any, let me know in the comments below. I???d appreciate it.

Cheers!

Carsten aka Roy/SAC

Note on the Side: I uninstalled McAfee from my computer a few days ago, because I had it with them. I had it more OFF than on to prevent that it quarantines programs that are not infected that I happen to use every now and then. It didn???t learn to do better and I also could not white list. Add to that all the other short-comings and it became clear that one had to go.

Well,?? McAfee does not help me to do my work and earn a living, but some of the tools it removed from my HD do. I reinstalled PC Tools Spyware Doctor with Antivirus for the time being. My subscription there is still good for another 2 1/2 months. But I am not really happy with them either, but it is better than using nothing at all :(.