I had a client engagement earlier this week with a customer who had installed McAfee Total Protection. Apparently McAfee takes the "Total Protection" part seriously, since the application's overzealous firewall killed his Internet connection. Maybe the McAfee folks saw the film "Wargames" too many times, took the adage "the only way to win this game is to not play" to heart and decided the best way to keep customers virus- and malware-free is to keep them offline completely.
It gets worse.
Before he called me for help, the client spent a few days working with his ISP, who replaced his modem (didn't help). Then he worked with McAfee's technicians over the phone. The McAfee
He called me because he still couldn't get online.
Checking Add/Remove Programs (now known as the less-negative-sounding "Programs and Features" in Windows 7 because who would want to "remove" programs?), nothing by McAfee was listed. Which was funny, since a glance at his Services showed three McAfee services, including firewall, running. Checkign MSCONFIG, it was also plain to see that McAfee apps were still in startup as well.
It gets worse.
Each of the McAfee services had their Stop, Start and Restart buttons greyed out (unselectable) and the Service startup options were also greyed out. Launching Services specifically as admin didn't help, either. Running "net stop service name" from the command prompt returned an "access denied" error. Unchecking the apps and services in MSCONFIG to ensure they wiouldn't start at reboot also didn't work. As soon as I clicked "Apply," the checkboxes returned! Trying all this in Safe Mode didn't help, nor did trying to simply stop these services from Task Manager.
Wow.
So in this customer's case, McAfee Total Protection "protected" him from the Internet completely by killing his connection AND protected him from himself by taking away any ability to stop the application from running. This is like taking the tires off someone's car instead of installing seatbelts.
To be fair, these difficulties may have been caused by the
The client told me he had already tried System Restore and that didn't help either.
Amazing.
In the end, my only option would have been to take the client's computer back with me, do a lot of research, possibly hack away at the registry (if McAfee Super Total Extreme Protection would have let me), all at $60 per hour. The client elected to put the problem back at McAfee's feet and call them with my findings, which was fine with me.
He called me later that night to let me know that he spent two hours on the phone with the McAfee guys who, after a fair amount of arguing, had him download a special cleanup app to another computer (one he COULD get online with), put it on a thumb drive and install it on the broken computer. Running this app finally removed the firewall and other apps McAfee left behind.
I told him "when you need a separate program from the manufacturer to remove it, THAT is a bad piece of software."
All things considered, he'd probably rather get malware then go through that again.
I just had to share. My next blog post will be more about AV/Malware solutions, some good ones you should check out and some bad ones to avoid at all costs (I bet you already know one). Thanks for reading and please check out my site, right here.
Be safe!
No comments:
Post a Comment