Showing posts with label sleuthing. Show all posts

Sunday, December 16, 2007

Spyware, Google, and Dynamic Security Agent (part 3)

This is part three of a three-part story. If you haven't read part one and part two yet, you should do that first.

At this point I'm past my threshold for endurance. A shoddy installer allows a partial install that borks my ability to establish an IP, incessant messages pop up during normal computer use, a driver causes blue screens due to some unknown interaction with other software, and (as I was about to find out) the uninstaller is misconfigured.

Mini-Rant: The second point you might quibble over, as almost all firewall software does this. But DSA2 takes it to the irritating extreme: it also pops up to ask you if you really want to run this program, every time a new process spawns that it doesn't know about. You can turn it off, and I did, but this mentality bothers me. As a software developer myself, I've seen message boxes get ignored, and more of them is not the answer. More messages to the user means more familiarity for the user in clicking No, or Cancel, or "whatever makes it go away". This is really a separate rant, on UI design, but yet it's relevant here. My own mother, who is hardly a technophobe yet also not the most tech savvy, has complained to me about this very thing, both when I installed Spybot's TeaTimer (which watches for important registry changes and asks you to allow/block them) and when I enabled her firewall software. Both times she told me she found herself just allowing everything through, because she didn't know what any of it was (and she's not going to punch each one of them into a search engine--but nevermind that; DSA2 doesn't give you time for that. You have 30 seconds to press a button. Geez.)

So it came time to uninstall DSA2. This should be the easiest part, shouldn't it? I fire up MyUninstaller again and lo, it isn't in the list. I search (yes, you can search for text in the list, one of many novelties Microsoft can't be bothered to give you in Add/Remove Programs) for Dynamic, and then for Privacyware. Nada. I look in the Start menu. Nope! I look for the option in the program. Nuh-uh. I google "Dynamic Security Agent uninstall" (without the quotes; this turns up results for most programs, particularly if people don't like them and want to get rid of them, which I would imagine DSA2 causing). Nothing useful. On a lark, I decide to fire up Add/Remove Programs, and there it is in the list, under Dynamic Security Agent.

Now I've been using MyUninstaller for quite some time, and this is the first time I've ever seen it fail to see something Add/Remove Programs saw. What non-standard way could they have registered their uninstaller that it would show up in one but not the other? You might think this indicates a bug in MyUninstaller, not DSA2, but I'm inclined to lean the other way. It's proven in so many ways (including a shoddy installer) that it doesn't play nice with other applications or, in fact, the operating system, so why should it start now? Due mostly to the fact that I've never seen this happen before and I, as previously mentioned, install and uninstall a lot of software regularly, I'm going to say this one is on DSA2 as well.

I wish I had the perseverance to hunt down the "right" way and see how that deviates from DSA2's way; or to hunt down what exactly caused the BSOD that I kept getting before. But let's be honest. They don't pay me to debug their software. It's sufficient, for the purposes of this blog post, to say it didn't work for me. It didn't work for me and it wasted 5 hours of my time as it was, and I highly do NOT recommend this software. To anyone. I don't understand how it's rated so highly by users on Download.com, but I'm publishing my experiences with it, with error messages and such intact, so that maybe someone else googling them will have better luck than I did at figuring out what's wrong. Dynamic Security Agent is wrong. Get rid of it. I don't say that lightly. I very very nearly came to the point where I was going to throw my hands in the air and just go ahead and reinstall Windows. You shouldn't need a degree in Computer Science to clean up the mess a program makes, particularly a program you downloaded to prevent messes from happening on your computer.

Spyware, Google, and Dynamic Security Agent (part 2)

This is part two of a three-part story. If you haven't read part one yet, you should do that first.

Back to diagnosing software then. First I check on the server end to see what it sees the client doing via the log kept by the DHCP daemon on my router (a Linux box). It received a discover and issued an offer, but it never received a request for an IP address (which it would respond to with an ack to complete the handshake). Something is very broken here. Next, I check the LSP list in Spybot to see if there's some residual brokenness from the malware I cleaned up--something in the form of a break in the chain caused by a file being deleted, say. No dice.
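
The server-side check described above can be automated. This is an added example, not from the original post: it scans DHCP server log lines and reports clients whose latest handshake stopped before the ack. The log format is assumed to be ISC dhcpd-style syslog output (the post does not say which daemon the router runs), and the sample lines are constructed.

```python
import re

# Constructed sample in the style of ISC dhcpd syslog lines (assumed format).
SAMPLE_LOG = """\
Dec 16 10:01:02 router dhcpd: DHCPDISCOVER from 00:11:22:33:44:55 via eth1
Dec 16 10:01:03 router dhcpd: DHCPOFFER on 192.168.0.50 to 00:11:22:33:44:55 via eth1
Dec 16 10:01:07 router dhcpd: DHCPDISCOVER from 00:11:22:33:44:55 via eth1
Dec 16 10:01:08 router dhcpd: DHCPOFFER on 192.168.0.50 to 00:11:22:33:44:55 via eth1
Dec 16 10:02:10 router dhcpd: DHCPDISCOVER from 00:aa:bb:cc:dd:ee via eth1
Dec 16 10:02:11 router dhcpd: DHCPOFFER on 192.168.0.51 to 00:aa:bb:cc:dd:ee via eth1
Dec 16 10:02:11 router dhcpd: DHCPREQUEST for 192.168.0.51 from 00:aa:bb:cc:dd:ee via eth1
Dec 16 10:02:11 router dhcpd: DHCPACK on 192.168.0.51 to 00:aa:bb:cc:dd:ee via eth1
"""

# Message type, then the client MAC that follows "from" or "to".
MSG = re.compile(
    r"\b(DHCP(?:DISCOVER|OFFER|REQUEST|ACK|NAK))\b.*?"
    r"\b(?:from|to) ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b", re.I)

def latest_attempts(log_text):
    """Return {mac: [message types]} for each client's most recent handshake."""
    attempts = {}
    for line in log_text.splitlines():
        m = MSG.search(line)
        if not m:
            continue
        kind, mac = m.group(1).upper(), m.group(2).lower()
        done = mac in attempts and attempts[mac][-1] in ("DHCPACK", "DHCPNAK")
        # A discover, or any message after a finished exchange, starts a new attempt.
        if kind == "DHCPDISCOVER" or mac not in attempts or done:
            attempts[mac] = []
        attempts[mac].append(kind)
    return attempts

def stalled_clients(log_text):
    """Clients whose latest attempt never reached DHCPACK, with the last stage seen."""
    return {mac: seq[-1] for mac, seq in latest_attempts(log_text).items()
            if "DHCPACK" not in seq}

if __name__ == "__main__":
    for mac, stage in stalled_clients(SAMPLE_LOG).items():
        print(f"{mac}: handshake stopped after {stage}")
```

A client stuck at `DHCPOFFER` is the pattern in the post: the server answered, but the client never sent its request.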

I check the Event Viewer (Start->Settings->Control Panel->Administrative Tools->Event Viewer or the "easy way" of Win+R, eventvwr.msc) for any hints as to where the failure is occurring. There are a couple of interesting System errors: A couple of services failed to start because "a device attached to the system is not functioning" (DHCP among them), "boot-start or system-start drivers" failing to load (I attributed this to my stint in Safe Mode), and "The Privacyware network service service failed to start due to the following error: The system cannot find the file specified." I check Windows' Services manager (in Control Panel, or Win+R, services.msc) and check the DHCP Client service's dependencies, then check to make sure they're all running. Check. Nothing else looks out of whack there. The Privacyware thing slips my mind and I move on to installed applications.

Now I don't use Add/Remove Programs under Control Panel, and I'll tell you why. I tend to be a power user (maybe you've noticed?), so I have lots of programs installed. The more programs you have, the (exponentially, or so it seems) longer it takes for Add/Remove Programs to populate the list of installed applications. What takes so long, I'm convinced (though I could be wrong) is calculating disk space. For each program, it looks at the location where it's installed and calculates the size of that directory tree. Not only does it take a long time, it's also often incorrect, for applications that share directories and the like. That all being irritating and useless to me, I instead choose to use MyUninstaller. So I load it up and sort by date of install, descending, and am looking through the most recently installed programs. What's interesting at this point isn't what I see, but what I don't see. The antivirus software is there, but Dynamic Security Agent isn't. Odd.

I check under the Start menu and don't find it (much less an uninstall option there). I look under Program Files but don't see it filed under the application name. I google it to find the company name. Privacyware...why does that sound familiar? I go back to Services and locate the Privacyware Network Service service, go to properties, note the file, and browse to it. It is, in fact, missing. Not having any clear way to uninstall it, I decide instead to reinstall it. This time the installation goes swimmingly. It wants to reboot. I reboot.
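
The manual check above (open the service's properties, note the file, browse to it) can be run across every service at once. This is an added example, not from the original post: the service names and paths in the sample are constructed, and `SYSTEM_ROOT` is an assumed default.

```python
import ntpath
import os
import re

SYSTEM_ROOT = r"C:\Windows"  # assumption: default Windows directory

def binary_candidates(image_path, system_root=SYSTEM_ROOT):
    """Possible on-disk paths for a service's ImagePath registry value."""
    p = ntpath.expandvars(image_path.strip())
    quoted = p.startswith('"')
    if quoted:
        p = p[1:].split('"', 1)[0]           # keep the path, drop arguments
    p = re.sub(r"^\\\?\?\\", "", p)           # strip the NT object prefix
    p = re.sub(r"^(%SystemRoot%|\\SystemRoot)(?=\\)",
               lambda m: system_root, p, flags=re.I)
    if not re.match(r"[A-Za-z]:\\", p):       # driver paths relative to SystemRoot
        p = system_root + "\\" + p
    if quoted:
        return [p]
    words = p.split(" ")                      # unquoted: arguments may follow
    return [" ".join(words[:i]) for i in range(1, len(words) + 1)]

def missing_binaries(services, exists=os.path.isfile):
    """Names of services whose ImagePath resolves to no existing file."""
    return sorted(name for name, image in services.items()
                  if not any(exists(c) for c in binary_candidates(image)))

def load_services():
    """Read every service's ImagePath from the registry (Windows only)."""
    import winreg
    root = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE,
                          r"SYSTEM\CurrentControlSet\Services")
    found = {}
    for i in range(winreg.QueryInfoKey(root)[0]):
        try:
            with winreg.OpenKey(root, winreg.EnumKey(root, i)) as key:
                found[winreg.EnumKey(root, i)] = winreg.QueryValueEx(key, "ImagePath")[0]
        except OSError:
            pass                              # no ImagePath value, or access denied
    return found

# Constructed sample values; not the real entries from the machine in the post.
SAMPLE = {"ExampleSvcHost": r"%SystemRoot%\system32\svchost.exe -k netsvcs",
          "ExampleDriver": r"System32\drivers\exampledrv.sys",
          "ExampleNetSvc": r'"C:\Program Files\ExampleVendor\netsvc.exe" -service'}
ON_DISK = {r"c:\windows\system32\svchost.exe",
           r"c:\windows\system32\drivers\exampledrv.sys"}

def sample_exists(path):
    return path.lower() in ON_DISK

if __name__ == "__main__":
    print(missing_binaries(SAMPLE, sample_exists))
```

On a live Windows machine, `missing_binaries(load_services())` runs the same check against the real registry and file system.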

One of the first things I notice is that I have internet connectivity again. Having found the problem, I set about running all my internet applications (IM, torrent, web browser, etc.) I quickly realize that its process monitor is going to drive me up the wall, so I turn that off. I check in with AVG to see how its scan is going (it started a Complete Scan in the background hours ago, but with all my crap and the multiple reboots, it has yet to finish it). I open up AVG's Control Center by accident, instead. In just clicking around, getting used to the program, I go to open the Virus Vault.

Blue Screen of Death.
DRIVER_IRQL_NOT_LESS_OR_EQUAL in PWIPF6.SYS
As soon as I'm back into Windows, I google it. Nothing? Hmm. I google just PWIPF6.SYS. It's not an AVG driver that crashed--that driver belongs to DSA2. Thinking that maybe it's a fluke, I open up the AVG Control Center and try it again. Same BSOD. Next time I'm in, I try something different in the Control Center (can't recall what) and get the same BSOD.

Continue reading with part three.