Print this article  |  E-mail this article  |  Comment on this article

Serious Flaw Hits Symantec AntiVirus

By Ed Oswald, BetaNews

May 26, 2006, 12:49 PM

Security research firm eEye warned Thursday that a high-risk vulnerability exists within Symantec's Norton AntiVirus 10.x that could allow for code execution. According to an advisory posted on eEye's Web site, the flaw does not require any user interaction to be exploited.

Especially troubling is the fact that that after the vulnerability is exploited, a hacker gains access to a command shell. This means that the attacker would be able to perform just about any action, and opens up the possibility of a worm automatically infecting systems.

The problem potentially affects millions of Symantec users, according to researchers. Over 200 million systems use Symantec's antivirus software.

Symantec is currently investigating eEye's claims but had nothing further to add at press time. It noted, however, that the company was prepared to offer a quick response and fix if necessary.

While proof-of-concept code is not publicly available at this time, it could be only a matter of time before hackers figure out ways to exploit the vulnerability. It is also possible they are doing so already, and security researchers aren't yet aware of it.

The Cupertino, Calif., based security software maker has been criticized for such issues and other missteps over the years. Recently, several problems have surfaced, including flaws in the company's Scan Engine product, as well as a critical flaw in the way it scans RAR files.

Additionally, Symantec has been caught using a rootkit-like feature in its products, and has suffered financial setbacks from a $1 billion tax bill owed by Veritas, which was bought by Symantec in 2004.

Add a Comment (103 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By The_Coyote

edited Jun 6, 2006 - 1:29 AM

There seems to be a little confusion about ghost, which is currently owned by symantec.

It was a product of Binary Research International, and stood for "General Hardware Oriented System Transfer".

Binary Research's enterprise version remains an invaluable tech tool.

Symantec did little to improve it, or PowerQuest's DriveImage. And don't even get me started on what Symantec did to Sygate Firewall products. :)

Score: 0

By Black-Wolf

posted May 30, 2006 - 8:25 PM

If you have the resource to obtain other softwares rather than Symantec's, please do so.

Otherwise, I would suggest the Corporate Edition as it does not have 1-year subscription issue unlike its NAV counterpart.

Score: 0

By Scipio

posted May 30, 2006 - 4:24 PM

To Nightops:

I have access to both Norton AV 2006 and Symantic commercial AV through my office. Is the commercial version better? Does it protect against a similar assortment of threats? I'd be very curious what the advantages and disadvantages are of using the commercial edition.

Score: 0

By PC_Tool

posted May 30, 2006 - 6:09 PM

Norton AV 2006 and Symantic commercial AV

They both use the same engine, AFAIK. No difference. (Same updates even)

Score: 0

By xyzcb1

posted May 30, 2006 - 10:26 AM

I agreed the Symantic AV is bloated and slow, and probably not as useful other AV products out there. But I think this acticle shown a link with all the recent attacks by virus. Any software with substantial market shares will get hit sooner or later. When Linux/Mac/OO get enough market shares, it will get hit too. But until then, they are consider by their fans as "safe" alternate to other probably software.

Score: 0

By nightops

posted May 30, 2006 - 1:34 PM

By Symantec AV I can only assume that you actually mean Norton AV, since Symantec AV CE is one of the fastest AV solutions in the world and, at present, has one of the smallest footprints next to NOD32. Unfortunately Norton AV does suck based on the bloated featureset, that really causes more confusion to end users that it helps.

Score: 0

By marrix

edited May 29, 2006 - 5:05 AM

Been using NOD32 for about 30 months, I consider it the finest purchase I have ever made over the net. Tiny footprint, quick scans, updates often, indeed some days there my be 4 or 5 updates, depending on what nasties are out there. Alerts of potential phishing email, questionable exe's. I format my HD every 3-4 months, prior to doing this will occasionally instal another AV. Always go back to NOD cannot praise this too highly.

Score: 0

By nightops

edited May 30, 2006 - 1:37 PM

Amen. NOD32 is my fav...but it's hard for me to want to shy away from my free student version of SAV CE 10. In about 1 year when SAV is completely outdated, then I will switch back to NOD32 and never look back.

What most ppl fail to recognize is that 93% of all viruses that actually infect a PC are due to a failure of common sense on the user's part. Opening attachments that have questionable names, intentionally visiting obscure sites and allowing the installation of unknown ActiveX routines (or turning your IE/Opera/FireFox notification off for it), or downloading a 'dialler' (intentional spelling, since that is the way most show up) for your favorite XXX site... All these simply set users up for receiving viruses.

Score: 0

By PC_Tool

posted May 30, 2006 - 6:08 PM

We're not doubting the idiocy of most users.

But some of us actually go to some "questionable" sites as part of our jobs.

For instance: I know *many* "warez" forums that provide better support information and technical know-how than the product's own websites.

In instances where I know I will be deluged with pop-ups, and potential viruses (downloading tech "fixes" from such sites, while usually safe can be hazardous), it;s always nice to know my Firefox + NOD32 have got me covered.

Score: 0

By spiked

posted May 28, 2006 - 11:40 PM

Interestingly, after Symantec feverishly tested to determine the exact versions affected, developed signatures as an interim way to detect exploitation, developed the various patches, tested the patches and posted them for download, and updated KB/advisory pages on Symantec's site...

eEye's advisory page hasn't changed one bit. It still indicates "waiting for vendor list" and "Initial report stage" status.

In other words, eEye was so concerned about the public's safety that it disclosed a vulnerability and promptly went on holiday. Symantec, on the other hand, responded rapidly and didn't rest until the job was done.

I don't run Symantec AV, and I don't like Symantec AV. At best, I consider Symantec products mediocre these days. But let's give credit where credit is due, and let's NOT commend eEye for sensationalism. I can buy the idea that a serious vulnerability should be disclosed IMMEDIATELY, but if that's what eEye truly believed, eEye should have been prepared to update the eEye advisory IMMEDIATELY with the latest information for people to protect themselves.

Score: 0

By Galway

posted May 28, 2006 - 8:04 PM

To say virus software X is better than virus software y is sometimes flawed. They all detect viruses using different methods, and some all packages will detect virus better than others for some viruses but not for others. Some update more frequent than others, some offer acrtivity monitoring that detects viruses on activity and not a signature.

Clearly its better to have AV than to not have it, and ave tried all the brands and personally dont like norton/symantec since the 2005 version and find it to be problematic, bulky, bloated and downright anoying when it doesnt clean what it finds.

Sophos i like, esp the corp version.
Kaspersky is good, AVG i like also.
EZ is ok, but nothing to shout home about.

You pays ur money and takes ur choice.

Score: 0

By rijp

edited May 30, 2006 - 1:50 PM

That's like saying ALL car alarms are created equally and they just have varying levels of security, and that in the mean time the level of security you receive is ample.

umm.. WRONG! Your level of COMFORT may be equal, but ALL AV programs are NOT created equally, and to have security, even false, is better than none.. not so.

Because if some hacker or car thief KNOWs the vulernability, then they can steal your stuff, so NO having basic security that ALL thiefs know how to circumvent the system.. isn't sufficient.

So its better to have the BEST protection, that you can afford. Having ZERO protection is still ZERO protection, you may THINK you are protected, but you AREN'T.

Score: 0

By PC_Tool

edited May 30, 2006 - 10:41 AM

Interesting theory.

Flawed, but interesting.

Show me one virus NOD32 missed. Ever. Even if they're not in it's database?

With NOD32 on my laptop. I can miss a few updates and *still* be assured that I am protected.

That's what 100% "In The Wild" detection gets ya.

...and to paraphrase a recent commercial:

They didn't say that. One of the top Independant Virus Research organizations (Virus Bulletin) did, at least 6 years in a row.

It's not gossip, it's not opinion. It's fact.

Score: 0

By DeadFly

edited May 28, 2006 - 6:48 PM

I'm assuming from most of the comments that most are talking about AV for home use... When you have a lot of users, the ability to manage their AV easily is not a trivial issue. That's why we still use Symantec... I looked at others and their managment capabilities were very basic. If others catch up and Symantec doesn't get their act together, they're going to start losing market share...

Score: 0

By Fizgig

edited May 28, 2006 - 4:52 PM

Frankly I'm not surprised that Symantec's Norton AV is in the hot seat again, it almost gives indications that's it's an inside job, I'd say that Symatec need a (fresh pear of eye's)new project manager. My advice use an alternative AV like BitDefender, Avast ect.

Score: 0

By Black-Wolf

posted May 28, 2006 - 11:39 AM

BitDefender, F-Secure are good.

Norton, as always, sells crappy software.

Score: 0

By Metshrine

posted May 28, 2006 - 11:49 AM

Again, this isnt the norton line of products. Its the symantec corporate editions which are alot better than their norton bretheren

Score: 0

By Floodland

posted May 28, 2006 - 2:52 PM

Norton and Symantec AV uses the same engine. What Symantec does better is to annoy less the user, but both products are fat and flawed at max.
Bitdefender is a crappy spyware product: And the question is why are you going to sacrifice your privacy to detect viruses? Or, how can I trust an antivirus company that spy on me? So bitdefender shouldn't deserve to be evaluated either. I can't say anything about f-secure since I don't use that product from old F-Prot D.O.S. days, but it was pretty good in that days.
For me, the best antivirus today is CA e-trust: Little memory footprint, little resources and it does it's job pretty good. Nod32 maybe deserves a recomendation here too.

Score: 0

By Metshrine

posted May 28, 2006 - 4:22 PM

Obviously the engines are different enough that ONLY the corporate version (the symantec line) products were affected.

Score: 0

By Black-Wolf

posted May 29, 2006 - 12:40 AM

It doesn't matter what engine they use.

NORTON ANTI VIRUS
SYMANTEC CORP EDITION

ALL SUCK.

It's common sense......
enuff said.

Score: 0

By Metshrine

edited May 29, 2006 - 8:36 AM

And your reasoning behind this is? How long have you used the latter? What makes it suck? Is it just your blind hatred for symantec? Is it because you are trying to be cool and go along with the stereotypical views set forth by the "majority" that "norton sucks"?

I've been running it for well over 3 years now (symantec corporate, back from v 8.0) and its not let a virus or threat through, and it uses a reasonable 30MB of ram. 30MB, for an antivirus, is not unreasonable and it doesnt slow my system down at all. I have it running on my old laptop, an IBM thinkpad with a 233Mhz proc and 192MB of ram on win98, and it still runs fast and detects everything. So again, what tests have you done or how long have you used the product that you have gotten this "symantec and norton" both suck? From your comments, I get the impression you are trying to go along with the "cool" guys out there that clammer about how much big corporations suck (symantec, microsoft, adobe, etc).

Score: 0

By Black-Wolf

posted May 30, 2006 - 1:13 PM

You are either not clear in the mind or never tested out other softwares as a froggy sitting in a well.

There's no need to mention my story further since there have been enough stories out there already.

The company - SYMANTEC - their anti-virus line is just horrible!!!

I can see that you have been defending them on every article related to Symantec... interesting...

Score: 0

By nightops

edited May 30, 2006 - 1:42 PM

Well, since that's your reasoning, allow me to step in. I've tested F-Prot/F-Secure, Panda, PC-Cillin, Norton AV, Symantec AV CE, NOD32, AVG, BitDefender, Trend Micro, CA EZ-Trust, and McAfee. To date, NOD32 and Symantec AV CE have had the lowest 'footprint' of any antivirus clients, been the easiest to manage, caused the least downtime, and have detected the most viruses. NOD32 is definitely the winner based on it's simplicity and scan-time. Trend takes #3 in my opinion. Either way, Symantec AV CE, time and time again, has continued to perform at an optimally high level.

However, to lend credibility to your argument, you probably do not know the difference between your CPU and your CMOS, could not POST without error codes, and can't flash your BIOS without reading a picture-driven manual. In that case, I can clearly see your point (btw, you failed to make any other than you are anti-Symantec)...in which case, I can imagine you were the 2nd person (next to your mommy) to jump on the anti-Bush bandwagon to fight against those 'big and bad oil tycoons'.

::EDIT::
And don't bother spouting that I have been defending Symantec AV CE on every other post, because that would be a fruitless waste of your time. I defend both NOD32 and SAVCE at every opportunity where I know that they accel, which is the normal response given the breadth of experience that I have, as any true IT person will agree, that you always defend what has proven itself repeatedly.

Score: 0

By Black-Wolf

posted May 30, 2006 - 2:48 PM

http://anti-virus-software-review.toptenreviews.com/

You know? By saying the stuff on your 2nd paragraph does not make you a "winner" O_o. It's pointless and doesn't increase your score at all.
I only found it interesting that your statement have been pretty much faulty. Well, it's just my own opinion against yours.

Symantec AV was my favorite program before but no longer as it gave me probems,
especially 1-year update thing was such a hassle (Renewal fee per year is $60-70 for 2-yr updates).

At work, we receive computers that are returned for service. Most of time these systems have virus infection and/or
spyware. The funny thing is Symantec's products were the majority among these systems such as Symantec AV CE, NAV series, or NAV Internet Security.
When there are viruses in the computer, Symantec products cannot do nothing except giving you massive notifications.
In some cases the software is crippled or disabled by the nastier ones.

To be fair, I would say it's true that Symantec may cost a bit less of system RAM usage, and the price is soso (1-year update only).

Score: 0

By rijp

posted May 30, 2006 - 2:40 PM

*::EDIT::
And don't bother spouting that I have been defending Symantec AV CE on every other post, because that would be a fruitless waste of your time. I defend both NOD32 and SAVCE at every opportunity where I know that they accel, which is the normal response given the breadth of experience that I have, as any true IT person will agree, that you always defend what has proven itself repeatedly.*

Hey hey hey! - as any true IT person will agree - Don't put us in this argument....

Any true IT person *loathes* Symantec. We defend what we KNOW to work with OUR environment, not every loadset, driver, or computers are the same. NOD32 may not be feasible on EVERY machine, so Symantec may be the only viable choice.. Maybe some environments prevent people from installing their own software, like don't allow admin on the desktop.. so Symantec would be sufficient, since you don't have the rights to the machine anyway..

SAVCE sucks. I don't care what testing you have done to say otherwise. Those other products you listed, are WAY better, so why even mess with inferior when you can have better anyway?

Score: 0

By Black-Wolf

posted May 30, 2006 - 3:07 PM

I guess he's the only True IT while we are not... hehe :)

Score: 0

By Silentmaster101

posted May 31, 2006 - 9:43 AM

eh in symantecs defense, its the only possible choice we have right now, where i work at a tech school as admin, everyone needs to be locked down, and it is hell to buy something here, with all the paperwork and poolitical crap we have to go through to buy stuff, as well as not having enough time or people to look up and try new things in the workplace, most times i have to try things on my own at home because i just dont have time.

Score: 0

By seadawg57

edited May 27, 2006 - 9:53 AM

I also switched to bitdefender. was using ca ez trust for years but switched when i learned that there virus sig response time was getting up to 3!! days.

Score: 0

By Metshrine

edited May 28, 2006 - 5:25 AM

FIXED

http://www.eweek.com/art...2/0,1895,1968603,00.asp

Nice job symantec, now let me put on my flame retardant suit since I praised you for doing a good job in patching this in a timely manner

It also appears the flaw only affects versions 10.1.0.39*. If you applied maintenance patch 10.1.0.400 you are fine. Guess this is one fact that the articles failed to mention, go figure.

Score: 0

By jspratjr

posted May 28, 2006 - 9:49 AM

Thanks for the info Metshrine...and I agree - nice job.

Score: 0

By tscar12

posted May 27, 2006 - 10:33 PM

Bit defender 9 and Kaspersky are rated the best "pay" anti-virus and AVG is rated the best "free anti-virus though from comments on this site I would also add NOd32; however, given the complexity of code and the the fact hackers are excellant at finding flaws, I would be careful with all anti-virus software. Just as apple found out when they achieved a whopping 4% market share and were hit and had to issue a ton of fixes even on their new system, be alert, don't listen to hype and know what commonsense steps you can take to make it more difficult for a hacker to get through your defenses. The sad thing is that clearly these hackers are brillant and could of made a ton of money working for any teck company but instead chose to turn their talents to illegal tactics to line their pockets.

Score: 0

By tscar12

posted May 27, 2006 - 6:46 PM

I would like to make the following comments:
1) Given the fact that hackers have been attacking systems in order to get financial info or passwords that can lead to financial info in order to steal for profit, it’s no wonder they have now turned their attention to anti-virus software.
2) Given the Symantec is one of the largest providers of anti-virus software and the problems with their software, it’s no wonder that hackers are 1st attacking it.
3) What this attack means is that all anti-virus software may be at risk in the future and one needs to be careful and be ready to drop any bias and switch anti-virus software if a problem is reported.
4) Whether the anti-virus software is free or pay makes no difference to hackers who are only interested in making money by illegally stealing info and then selling it or using it to steal real money from you.

Score: 0

By minus_seven_fold

posted May 27, 2006 - 5:50 PM

Norton 06 Internet Security is alright at blocking threats, but it sucks at removing virus's which of course defeats it's purpose.

Score: 0

By chefmerkel

edited May 27, 2006 - 2:23 PM

I use to use norton but now I have using Avast for about a year now and it does the job. I found norton to be system hog. It really doesn't suprise me that Systematic is have issues at this point. Do yourself a favor and try out Avast!

Score: 0

By Pcfreakske2000

posted May 27, 2006 - 12:54 PM

I will NEVER install Norton or Mcafee on my computer again.

I use PandaSoftware's Panda Platinum Internet Security 2005 at the moment and it's working very well.

It also has TruPrevent Technologies on board to protect your computer against unknown threats.

I will never tell someone to install Norton or Mcafee. Because both suck big time , like this news item again proves.

Score: 0

By rijp

posted May 30, 2006 - 1:34 PM

*I will NEVER install Norton or Mcafee on my computer again.

I use PandaSoftware's Panda Platinum Internet Security 2005 at the moment and it's working very well.*

I agree with first sentence, second sentenc, not so much...

I gave panda a chance, 2 or 3 times. Fresh install, replace current AV solution, didn't matter.. Panda wouldn't work for me, very unstable.

TruPrevent is a brand, not a globally recognized preventative action. ALL AV programs have some sort of "bullet proof scheme" to prevent and detect virus activity.

Some work better than others, but I wouldn't say Panda is the best..

Score: 0

By Silentmaster101

posted May 31, 2006 - 9:47 AM

is panda a viable solution for a teired network that is fairly locked down? there seems to be few alternatives to symantec for School network environments.

Score: 0

By PinkysBrain

edited May 27, 2006 - 1:12 PM

Ahhh, the same old story...

Whether or not it's Kaspersky, Panda, or Fred's won't matter -- once there's enough of an installed userbase, it becomes a viable target for either an exploit or an exploit hoax.

Whatever you choose - stick with it. Don't delete Norton or McAfee based upon what you read here. "Goin' bareback" isn't the answer.

Score: 0

By rijp

posted May 30, 2006 - 1:31 PM

:) Yes, 'tis true... to a point.

People are the problem, however, not the product. People put stuff on their machine, which INTERFERES with the products ability to work..

And since many products don't cooperate, its tough to figure out who really is to blame.

Score: 0

By ezh

posted May 27, 2006 - 10:18 AM

Try out the new Kaspersky. It's amazing.

www.kaspersky.com

Score: 0

By budthestud

edited May 28, 2006 - 11:37 PM

Kaspersky Internet Security 6.0 blows away anything currently on the market. A recent study proved that Kasperskys scan engine reconognizes 25% more threats than the competition. The only product which came very close to Kaspersky was Ewido anti-malware.

I currently use both of these products together and I would never trade this solution for anything in the world.

Norton.....YOU SUCK !!!!!!!!!

Score: 0

By nightops

posted May 30, 2006 - 1:31 PM

"Kasperskys scan engine reconognizes 25% more threats than the competition"

To a true IT person this simply means that they have 25% more names for variants/strains of the same virus than any other AV on the market.

Score: 0

By nefarious1

edited May 29, 2006 - 8:48 PM

I notice you didn't cite a reference for your mythical "study". I call BS.

I have used KIS and KAV 6.0 extensively. And now that I am no longer paid to lie for Kaspersky, I can be honest: The products were rushed out the door, and are very problematic on many systems. Have you noticed that the application integrity feature is disabled by default in both KIS and KAV 6.0? (And I am talking about the 6.0.0.300 "gold" versions.) This is because this feature has a nasty habit of sucking CPU terribly. So what to do--fix it? No, ship now, fix later. Nice.

What's more, there are still stability issues. I'm sure you will say that KAV runs perfectly for you. Which is wonderful (I will surely sleep better tonight). But I've seen the KAV 6.0 engine crash with no obvious reason why--which renders all of its protection null and void.

And, no matter how it works or what you claim, it impacts performance more than NOD32.

Score: 0

By Macross74

posted May 27, 2006 - 8:46 AM

I actually stopped using there bloatware about 2 years ago for avg for a free product.
but in this day and age, problems occur with every product these days.

Score: 0

By Daddy_Spank

posted May 26, 2006 - 9:29 PM

Symantec has always been, and will be a piece of *** company in my opinion.

Score: 0

By The Man

posted May 28, 2006 - 12:10 PM

gee...
thanks for the intelligent post

Score: 0

By mathue

posted May 26, 2006 - 7:58 PM

Hmmmm...

-Snerk!!-

Score: 0

By Hellcat_M

posted May 26, 2006 - 2:16 PM

I was waiting for something like this to happen, Symantec has been skimping on their standard version for years. They need to just rewrite the whole thing and start making it built from the corporate code or something. Mcafee antivirus is just as bad, and their corporate sucks too. CA or Trend Micro are the best pay, but I use Avast, its free and does a good job.

Score: 0

By bourgeoisdude

edited May 26, 2006 - 4:49 PM

"...was waiting for something like this to happen, Symantec has been skimping on their standard version for years."

Betanews didn't mention this, but this affects only the Corporate version and NOT the Standard version of Symantec. Too bad BetaNews appears to be one-sided these days--correct me if I'm wrong, Ed (though I'll probably just have this post removed instead...)

"Security research firm eEye warned Thursday that a high-risk vulnerability exists within Symantec's Norton AntiVirus 10.x that could allow for code execution."

Not a false statement, Ed, but misleading. It does not say Symantec's Norton AntiVirus 10.x Standard, but leaving off the word Corporate portrays that it would be the Standard version.

Doesn't bother me, since I verify information from multiple sources rather than relying on only one--but since the world is full of lazy people, many of them read strictly BN and therefore believe a lie that was not directly told, but implied.

Yup, this post, and perhaps my username, may be doomed--maybe this will reach someone before it is though. If I disappear, that's probably better anyway. I spend too much time posting here instead of doing more constructive things anyways :)

Score: 0

By nightops

posted May 30, 2006 - 1:32 PM

It's good to note that the update from late evening on 5/26 patched up this vulnerability. Just a side note. CE clients were only at risk if they had not updated since 5/23

Score: 0

By rijp

posted May 30, 2006 - 12:51 PM

The Corporate versions of products, are the SAME as the standard versions of the product, they even have the same build numbers.

Trend does this, ESET, Mcafee, and so does Symantec. We have Corporate 10 of Symantec, which is the IDENTICAL version as Antivirus 2006. you can even download the same product updates for both, and it will work.

So the need to distinguish corporate from standard, is ancillary. They are inclusive.

The corporate versions have extra features which allows them to be managed by a server, that's all. They can still be updated by some "live update" product.

Anyway, its a moot point, Symantec products are inferior to other products in the same genre, and we have dropped Symantec (all of them) due to Symantecs apparent lack of technology. Not only that, but Symantec, these days, much like this article proves, seems to be very lacking and don't meet standards for good software.

There was a time when Symantec was good, but they haven't been since 2003 (and other people on the forums have also mentioned this little fact)

Score: 0

By ehn

posted May 27, 2006 - 5:23 PM

I don't think the ommission was intentional, but I do agree it is causing confusion. I didn't know if the vulnerability was for the home or business versions myself. Looking at the original site for an explanation didn't clear it up all that better. Here is what eEye posted:

Software Affected:
Symantec Antivirus 10.x
Symantec Client Security 3.x
(Other Symantec Antivirus products are also potentially affected, waiting for vendor list)

Score: 0

By fewt

posted May 26, 2006 - 8:18 PM

I've never seen anyone deleted from Betanews for posting corrections.

Believe me, I've seen a *LOT* of posts that have been deleted over the years.

oh, and ..

heh ;-)

Score: 0

By PC_Tool

posted May 28, 2006 - 12:45 PM

There was this one guy...I think his name was Server Mechanic...

Had his account deleted for some reason.

...probably deserved it though. ;)

(We love ya, JD)

Score: 0

By fewt

posted May 28, 2006 - 5:36 PM

I've had my account deleted once or twice, can't say I didn't deserve it though.

heh

Score: 0

By rijp

posted May 30, 2006 - 12:52 PM

I am still here! And as we all know my account should have been deleted.. probably since day 1!

Score: 0

By PC_Tool

posted May 30, 2006 - 2:15 PM

Deleted?

Printed, stacked neatly, and burned in public.

Then deleted.

*grin*

Score: 0

By Budgie29

posted May 26, 2006 - 2:13 PM

Use Panda or Kaspersy
Never Never install Any Norton or Symantec products

it just cause trouble and down time

Score: 0

By bourgeoisdude

posted May 26, 2006 - 5:43 PM

"Never Never install Any Norton or Symantec products"

Even Norton Ghost? PartitionMagic? Maybe you said what you truly mean, but am I correct that you refuse to use any Norton/Symantec products, whether they are security related or not?

Score: 0

By rijp

posted May 30, 2006 - 12:55 PM

*Even Norton Ghost? PartitionMagic? Maybe you said what you truly mean, but am I correct that you refuse to use any Norton/Symantec products, whether they are security related or not?*

Norton Ghost - unfortunately, they bought the same people that make partition magic, but he is right. Symantec products suck. Yes, all of them!

Yes, security or not, Symantec, should NOT be installed on your machine. They are like Microsoft in this respect, that they share libraries and dll's across their product line. One security vulnerability, is vulnerability for ALL.

We have many of our clients at my company, who also dropped Symantec.. Their customer service has also been suffering of late, so we and many other companies have stopped using Symantec.

Score: 0

By PC_Tool

posted May 30, 2006 - 2:16 PM

Norton Ghost - unfortunately, they bought the same people that make partition magic,

If you meant to put a 'from' in there, you are wrong.

Ghost was originally owned by Ghost Software, and purchased by Norton.

PM, used to be Powerquest, until Symantec bought them.

Score: 0

By PC_Tool

posted May 26, 2006 - 6:39 PM

He should have specified only product Norton/Symantec created.

The two you mentioned were purchased.

Ghost from Ghostsoft in the 90's.

And Partition Magic from Powerquest much more recently.

I actually used Ghost when the kid who wrote it still owned it. God, he must've made a fortune. Lucky SOB.

Score: 0

By The MAZZTer

posted May 26, 2006 - 7:56 PM

Not necessarily. I bet the guy that sold Gates DOS is still kicking himself.

Score: 0

By PC_Tool

edited May 30, 2006 - 10:57 AM

I know for a fact, the company I worked for gave the GhostSoft dude several hundred-thousand dollars.

For that tiny little proggy (It was still at or near 3MB back then), even $100000 makes him a lucky SOB.

Can you even imagine writing some program in your spare time at school and ending up having it make you wealthy beyond you (or your parents) wildest dreams?

Score: 0

By spiked

posted May 26, 2006 - 11:31 PM

Actually, Rod Brock (owner of Seattle Computer Products) kicked Microsoft for an extra $1 million, six years after originally selling DOS to Microsoft for $25,000 and collecting $50,000 more for early modifications.

Tim Paterson, the employee who actually wrote DOS, went to work for Microsoft, not once but three separate times. He spent more than half of the years between 1981-1998 at Microsoft before finally leaving to putter on "special projects" such as Battlebots. I would say that he probably built a decent nest egg at Microsoft, even if it's not on the magnitude of Gates' fortune.

Score: 0

By csamaha

posted May 26, 2006 - 2:24 PM

My favorite antivirus software is Eset NOD32. I like it even more than kaspersky, and the price is better.

Score: 0

By PC_Tool

posted May 26, 2006 - 3:46 PM

I'm a NOD32 fanatic. :)

...but with good reason. :P

Score: 0

By Silentmaster101

posted May 31, 2006 - 9:56 AM

does it work in a school network environment? like can it be server managed without user input/intervention?

Score: 0

By bourgeoisdude

posted May 26, 2006 - 3:18 PM

Off Topic--but I intend to try NOD32 soon as so many people are recommending it. Will probably stick with AVG for the long run as I have every time I attempted another program, but I'll definately try it.

Score: 0

By PC_Tool

edited May 30, 2006 - 11:03 AM

Please do.

Small, fast, and all but impenetrable. Also includes spyware and adware protection now.

I used many clients previous to NOD32. Mcafee was the latest. I got a virus Mcafee couldn't clean. Rather than do it myself, I downloaded NOD32 (Which I'd heard about from someone here), and it got rid of it.

I figured it was a fluke and uninstalled it. Still had plenty of time left on my Mcafee subscription.

About a week later, I got another one. Couldn't believe it, and Mcafee again couldn't get rid of it (I really wish I had written the names down). Downloaded NOD32 again...and it worked.

Uninstalled Mcafee this time. Bought NOD32 a few weeks later.

Since then, I've convinced several relatives, and every laptop user here to purchase it.

Give it a try. If one month is not long enough for your liking to test it, search Google for the word 'nsane'. You'll be able to get some extra trial-time off of it.

If you *do* decide you want it, buy it. These guys deserve it. :)

Score: 0

By nefarious1

posted May 29, 2006 - 8:55 PM

Oh, stop being a loser. How cute, you know how to extend the NOD32 trial. If you want to play games, use a freeware AV application--there are many to choose from. If you want to use NOD32, pay for the damned thing.

Score: 0

By rijp

posted May 30, 2006 - 1:00 PM

Wow, did we stop taking our meds today?

Score: 0

By PC_Tool

edited May 30, 2006 - 11:04 AM

Wow.

You didn't read this part:

If you *do* decide you want it, buy it. These guys deserve it. :)

Or this part:

Bought NOD32 a few weeks later.

Since then, I've convinced several relatives, and every laptop user here to purchase it.

Way to *not* read the post, man.

Bought it. 3 times(for all three computers I own). Got family and friends to do the same.

Give it a rest.

Thou art not Holier.

And uh...

Oh, stop being a loser. How cute, you know how to extend the NOD32 trial

So what am I? Cute? A loser? A cute loser? An acute loser? I mean, at least *try* to make up your mind.

Score: 0

By bourgeoisdude

posted May 26, 2006 - 4:31 PM

Just for curiosity's sake--have you tried AVG? It definately isn't impenetrable, but it, like nod32, is small enough on its own and doesn't hog resources on your PC, yet does a more than decent job of AV protection. Try the trial or the free version (only for home use) if you haven't already, and I'll be trying out nod32 starting tonight.

Score: 0

By nightops

posted May 30, 2006 - 1:58 PM

Definitely not a fan of AVG. However, this may be just a slap from other vendors, but if you scan an AVG-clear PC through your LAN with another PC running SAVCE, McAfee, or Trend, they detect AVG as a virus, LOL.

Score: 0

By rijp

posted May 30, 2006 - 1:13 PM

Among the antivirus products, its preference. One is not necessarily better than the others, but Symantec is the worst of the lot. McAfee is probably a notch above that.

The top virus programs, its a wash as to which one you want. I alternate between AVG, NOD32 and Kaspersky among many machines, just in case a virus slips past one virus program, theorhetically, it won't compromise all of them at the same time, so having a backup of another virus (not on the same machine) isn't a bad thing. If you have a couple of different machines at home, I would recommend using AVG on one and NOD32 on the other..

You never know.. I don't have a problem with any of those, but its always a good idea to use multiple spyware checkers (you can't have enough of those) and different virus programs with personal machines. Corporate machines (I can hear it now - so why don't corporations do this?) they get a discount using more clients.. but even servers get a different virus program than client machines, and development boxes using something else. If a virus hits, and there is no update for it immediately, your whole company could be affected if you don't vary the standard...just a little.

Score: 0

By PC_Tool

posted May 30, 2006 - 2:20 PM

I hate to admit it, but that's one of the most intelligent things that's been said in this forum yet.

I'm shocked.

Expecially the Corp / Home user bit.

AVG I used a long time ago. Apparently thay've improved. Choose Mcafee over them about 2 years ago. Choose NOD32 over Mcafee about 1 1/2 years ago.

Been happy ever since. Especially when they included Anti-spyware and adware removal in their tiny, fast little client.

I may have to throw AVG on one of my systems and have a go at it though. Is it just AV, or does it do other Malware was well?

Score: 0

By rijp

posted May 30, 2006 - 2:49 PM

*I hate to admit it, but that's one of the most intelligent things that's been said in this forum yet.

I'm shocked.*

I don't know whether to be applauded or appalled!

Are you shocked that *I* came up with this, or simply that its mentioned in our usual inflammatory manner of forums?

I can be helpful when the need arises, but I am usually diffusing someone lambasting MS or defeating an argument when all sides haven't been considered.. Or as you have concluded on many occassion, I am just here to "cause trouble" or "just contradictory".

At any rate.. I am technical, and I do have clients of my own, so I may actually know a thing or two.

Score: 0

By The Man

edited May 30, 2006 - 11:48 PM

MS sucks

Score: 0

By PC_Tool

posted May 30, 2006 - 4:32 PM

It was the delivery that got me. Coherent, civil. You didn't call anyone names or use caps....

So unlike you. :P

Score: 0

By PC_Tool

posted May 26, 2006 - 6:37 PM

Used it a *long* time ago. Chose Mcafee over it. Can't quite remember why.

I suppose it's worth a shot. Does it scan for and detect spyware and adware as well?

Ever since NOD32 started doing so, I've really liked only having to have the one app...instead of a suite. :)

Score: 0

By joeshmoe7

posted May 27, 2006 - 7:30 PM

I've been using AVG for a little over a year now. At first it seemed a little weak, but lately it has been pretty darn good at finding things. I don't know about adware and spyware, but i do know lately, actually the other day, it detected a trojan that NOD32 and AVPersonal and Microsoft's ( :O ) missed... i tested it on one of the online malware scans. Only a few picked it up, KASP. and AVG and i think F-PROT and SOPHOS. Maybe for free, the only one i can think of is AV Personal Edition which also detects some ad-wares and spywares, but it also had a lot of false alarms for me :( Also, theres one called Dr. Web that i also use that picks up a load of adware and spyware along with trojans, viruses, dialers blah blah it's not free though if u want to scan in archives.

Oh yeah and it was a .. umm.. patch that i was testing hehe. Oh yeah the online scan site i use is www.virustotal.com - it has a lot of scanners.

Score: 0

By nefarious1

posted May 29, 2006 - 8:57 PM

Missed a trojan? Big deal. I've found two trojans that Kaspersky missed. Yes, they were indeed quick to add them once I submitted them, but if I was your typical moron who ran it rather than testing it forensically, I would have been infected with them.

In case my point isn't clear, it is simply that it makes no sense to base your opinions of an anti-malware solution on one detection. Or, for that matter, one review or even an entire review site like av-comparatives.org.

Score: 0

By joeshmoe7

posted May 30, 2006 - 1:17 AM

hell i've found lots of things many scanners have missed on infected systems, so no argument here. All i'm saying is, for FREE, i think AVG is awesome.

Score: 0

By mjm01010101

posted May 26, 2006 - 1:49 PM

If Symantec loses/settles with MS, I smell a shareholder revolt.

Score: 0

By pyridox

edited May 26, 2006 - 1:27 PM

I like Symantec Antivirus Corporate edition (SAV-CE) the best, better than McAfee. But the standard (retail) Norton Antivirus can be trouble. Especially if you have to uninstall it, you could be in for a tedious cleanup of the registry, etc. Been down that road a few times already.

Score: 0

By bourgeoisdude

posted May 26, 2006 - 3:09 PM

"I like Symantec Antivirus Corporate edition (SAV-CE) the best"

You realise of course that this problem is SPECIFICALLY in the Coorporate version, right? Yup, home users don't have to worry about this one...though the program they have is useless against virus infections, so I suppose it's about the same :)

Score: 0

By rijp

posted May 30, 2006 - 1:16 PM

*You realise of course that this problem is SPECIFICALLY in the Coorporate version, right? Yup, home users don't have to worry about this one...though the program they have is useless against virus infections, so I suppose it's about the same :)*

That is actually not true. The base version of the product is the same engine (depending on version) as Anti-virus 2006. Look in the registry, you will see Symantec identifies itself as a build/version which will match the home (standard) version.

Score: 0

By ChrisSpera

posted May 26, 2006 - 1:55 PM

The best thing to do is NOT uninstall NAV or NIS; but to blow the box and rebuild it from scratch. I've tried on NUMEROUS occasions to uninstall/reinstall NAV or NIS and have had to resort to rebuilding the computer from the ground up. Once its in, it needs to stay in. If it craps out... FORMAT c:\ is your best bet...

Kind Regards,

Christopher Spera
Sr. Editor,
WUGNET Publications, Inc.
Windows Users Group Network (WUGNET)
www.wugnet.com

Score: 0

By rijp

posted May 30, 2006 - 1:25 PM

...interesting, you build from scratch.. but yet you can't make an image of a system, so you don't waste time installing drivers?

You can install a base machine with default stuff, office, os, drivers, software, anti-virus, spyware, and make an image..

And you call yourself a magazine Editor? That is your advice?

Maybe you should have ASKED someone to help you, because you shouldn't have to REBUILD any machine from format.. That's a tad bit on the exreme side, and its only for people as a last resort.. or people that don't have the proper knowledge to FIX the problem in the first place.

I have had numerous Symantec problems, but I don't remember one that required me to start over.

Score: 0

By zenarcher

posted May 26, 2006 - 2:33 PM

I've been down that same road with customer computers, several times. You're quite correct..FORMAT c:\ is the best way to go...and avoid NAV, whenever possible. Generally when I explain the situation to customers, they will opt to avoid NAV. Generally, I recommend Kaspersky.

Score: 0

By rijp

posted May 30, 2006 - 1:27 PM

No to argue the point, but you are REALLY saying you start from a fresh machine to help a customer, or are you using this as a simple example of what needs to be accomplished?

You aren't really saying you sit at a computer, boot from OS CD, format disk, install OS, drivers, and software are you?

You are just saying you need to reload some sort of image....right?

Score: 0

By PC_Tool

posted May 26, 2006 - 2:02 PM

...which is why it will *never* touch my system.

Score: 0

By FlAshdobe

posted May 26, 2006 - 1:46 PM

Happened to me as well, actually that was the first time I attempt to give a try of Symantec Norton AntiVirus! after I installed it, my system startup time increased about 1 min, normally it only take 30 seconds! After I installed Symantec Norton AntiVirus it took almost 2 mins for my pc to start up. It installed over 5 differet stupid background processes. I was really freaked out by that, so I unistalled the whole crap. and after I rebooted my pc, wow I see a totally different windows :D my taskbar was in the middle of the screen. my quick lunch icons was on the left of the screen, Symantec Norton AntiVirus screwed up my system entirely. That was my first time use Symantec Norton AntiVirus and it will be the last time for that sort of crap!

Score: 0

By varsity

posted May 26, 2006 - 1:19 PM

Absolutely laughable.

Score: 0

By nefarious1

posted May 29, 2006 - 8:59 PM

This could have happened with any AV solution. A week ago, no one had an idea that this flaw existed. How do you know that YOUR software isn't vulnerable to some attack? You don't.

Score: 0

By varsity

edited May 31, 2006 - 10:21 AM

Yeah it could, but it hasn't happened yet with my av app. My point about this being laughable is that this is just another black mark in the history of Symantec's antivirus, especially in recent years. Their personal antivirus utility is garbage. No product on the market is perfect, but there is nothing as embarrasingly problem-riddled as symantec's product.

Yes, I have used Nortons antivirus and Internet security suites from 2002 - 2004 exclusive, when I didn't know better. Those were three of the most agonizingly frustrating years of using security utilities that i ever experienced. Never ending problems; re-installs, bloat, system-crippling performance, creating rules on its own, leftover crap, you name it. I'm just mentioning this in case you try to claim I've never used their products.

*Actually, I should point out that the 2002 security suite was pretty decent. It was the 2003-2004 suites that gave me considerable grief.*

Score: 0

By rijp

posted May 30, 2006 - 1:21 PM

Actually, that is a good point. You DON'T know, but you TRUST other companies because they seem to be more pro-active than others, e.g. Trend. Secunia has them listed as one of the top virus checkers, so you have to put your trust in SOME software..

You HOPE its going to be good, I trusted Symantec exclusively for 10 years or more, only used Symantec, I was finally convinced they haven't been good.. and for a while now. So now I am sour on ALL symantec products (because there have been proven problems with a couple more I have been in contact with).

So what do you propose the solution to be? If you can't be 100% assure YOUR software isn't vulnerable, how you INSURE you are protected?

You REALLY can't.. that's why they INSIST people backup.....

Score: 0

By varsity

posted May 30, 2006 - 9:30 PM

Absolutely correct. I have backups of ALL my critical data coming out of the rafters, figuratively speaking, some on-site, some off-site. Not only that, but I also have Acronis True Image backups and a couple of cloned harddrives for my machines, ready to go just in case. Obviously you have to place a certain amount of trust in whatever security utilities you prefer to use, so I just go with what I feel does the best job based not only on reading many, many reviews, but also on what I feel most comfortable with. A product's reputation says a lot. Symantec's rep has been getting pretty tarnished of late. How can anyone who has done any meaningful research possibly place their faith in Symantec's personal antivirus (I see good things said about their corporate version so nothing negative to say about it).

Score: 0

By PC_Tool

edited May 30, 2006 - 10:50 AM

I think amount and range of code / functions might lead to one AV solution being more susceptible to such attacks/vulnerabilities than others.

Smaller, less code-heavy clients, for instance, would feasibly stand a better chance of having fewer holes, due in part to both less code in which flaws may reside, and easier, less time-consuming code-verification.

SAV is notorious for it's extremely large codebase.

How do you know that YOUR software isn't vulnerable to some attack? You don't.

True, but the law of averages works against them much more that it does a smaller client like AVG, Kasp, or NOD32. (in regards to average flaws per page of code)

Score: 0