Forgot your password?
typodupeerror
Software Security

Symantec Support Gone Rogue? 268

Posted by Soulskill
from the less-than-helpful dept.
DigitalDame2 writes "PCMag Security Analyst Neil Rubenking has always praised Symantec's tech support. Lately, though, a number of readers have reported problems with chat support, so he investigated. Rubenking was trying to install Norton 360 version 3.0 on a malware-infested system when the computer crashed with a blue screen error. He connected with Symantec tech support and was told that they could fix the problem, but for a fee of $100! (Here is the transcript and screen-captures of the chat.) Even more, Symantec support suggested that he use a malware-removal tool that wasn't even made by Symantec."
This discussion has been archived. No new comments can be posted.

Symantec Support Gone Rogue?

Comments Filter:
  • Uhm...? (Score:5, Funny)

    by Anonymous Coward on Friday March 06, 2009 @11:16PM (#27101701)

    They just went rouge?

    • Re:Uhm...? (Score:4, Funny)

      by conureman (748753) on Friday March 06, 2009 @11:18PM (#27101717)

      Given today's "anything goes" business climate, they're probably not embarrassed in the least.

      • Looks like the tech support guy was cutting and pasting from a document. See the slide "Pay up" [pcmag.com]. Note how the sentence starts, then it starts again 3 words later. Almost certainly laziness or they are trying to juggle too many conversations.

        • Re: (Score:2, Informative)

          No he wasn't cutting and pasting and he was paying very close attention to what he was doing. I've worked support before and I can tell this was a CYA step. If a complaint came back he point at this statement and say the customer was warned.

        • Re:Uhm...? (Score:5, Insightful)

          by Killall -9 Bash (622952) on Saturday March 07, 2009 @04:14PM (#27106629)
          This article is complete BS.

          Customers are ill-informed if they think that AFTER getting infected is the time to buy security software, and Its not the fault of the guy you're on the phone with that purchasing 360 does not include hours of over the phone support.

          It is perfectly fucking normal to not be able to install software when your computer is infected with malware.

          The writer of the article is a fucking douche, has unrealistic expectations for technical support for a retail product, and apparently (based on his purchase) does not understand that Symantec's business model is formed around IT execs having someone else to blame when (not if) their corporate network gets virus'd up.

          The writer of this article, and the retard consumers he thinks he's protecting, made a fucking mistake. The mistake was this: they walked into Best Buy with their 'broken' computer. Geek Squad wants $170 to fix their computer. Norton costs $39.99. A few minutes of lowIQ number crunching later, they arrive at a decision, which is the fucking wrong one. Then they get mad at Symantec for not wanting to talk to you all day.

          Much like Microsoft, I hate Symantec the same as you, but you hate them for the wrong reasons.
          • First of all, let's not resort to namecalling here.

            Neil tested the the software on 12 different infected systems, and found that one resulted in an endless-loop problem requiring support, whereas it installed and worked properly on the others. That right there alone is a better than 90% success rate for Norton. That's hard data. What hard data have you come up with after your extensive testing of av products, Killall? Yeah, I didn't think so.

            But this isn't a story about the program's performance (that's in

    • Re:Uhm...? (Score:5, Funny)

      by ScrewMaster (602015) * on Saturday March 07, 2009 @12:26AM (#27102077)

      They just went rouge?

      Yes indeed they did, and apparently they're into mascara, lipstick and eyeliner as well, with just a hint of blush. Of course, you need a good foundation.

      • by aliquis (678370)

        Yes indeed they did, and apparently they're into mascara, lipstick and eyeliner as well, with just a hint of blush. Of course, you need a good foundation.

        Why bother with makeup when all you need is grease [imdb.com]?

    • Re: (Score:2, Informative)

      by robfromnyc (1217994)
      about time. i stopped using them and mcaffe like 5 years ago. They charge ridiculous amounts of cash to slow down your system. Get free stuff and stop slowing down your system. Use Avast and Spyware Doctor (free from Google)
    • by JosKarith (757063)
      Worst... outsourcing... evar.
  • It could be worse (Score:5, Insightful)

    by Urd.Yggdrasil (1127899) on Friday March 06, 2009 @11:19PM (#27101727)
    At least they had him use a decent anti-malware program [malwarebytes.org]. I generally find symantec products to be more of a virus than most viruses, that crap is hard to get rid of once it's installed and doesn't detect much of anything.
    • by mysidia (191772) on Friday March 06, 2009 @11:36PM (#27101825)

      I'm not surprised. Norton makes an anti-virus/anti-worm/anti-spyware product. Not a general anti-malware/anti-adware product.

      Their tool does one thing (sort of) well, scans for viruses, and pretends to do a few other things well.

      Unfortunately nowadays, there's software that's more insidious than viruses, and it's beyond Norton's skill to detect.

      Also, I doubt intrusion by malware not relevant to the AV is covered by software support agreements; troubleshooting an infected PC is up to the user, or the PC repair shop they'll hire to fix it.

      AV support is for when your PC is working correctly and you are having problems running your AV, having trouble scanning a file, or not detecting a virus in an infected file.

      If you actually got already got your system infected, before even trying to install the AV, that's 100% your issue.

      Of course, the AV software won't install, the various malware programs prevent it from happening, and it's your problem to solve.

      Not the A/V maker's. The only solution they can really offer you without a liability risk is to format, or hand the PC over to a qualified service person.

      • by Schemat1c (464768)

        Unfortunately nowadays, there's software that's more insidious than viruses, and it's beyond Norton's skill to detect.

        Nothing is beyond the power of the pink shirt [wikipedia.org].

        Blasphemer!

      • by sumdumass (711423)

        You know, Symantec markets it's products to be a cure for infested PCs. This leaves the consumer the impression that it will actually remove infections in an existing PC and I would think it not being able to do that would be part of the installation routine and part of Symantec's problem.

        In other words, just so we are clear, The way Symatec market's it's product would lead people to believe the removal of infections was part of the support offered by the product.

        • Re: (Score:2, Interesting)

          by mysidia (191772)

          I think it's pretty apparent that there's no way Symantec could afford to provide an engineer to "fix" all users' PC issues for them (caused by malware or not) that were so severe the software couldn't be installed, beyond giving basic generic advise.

          The software would have to be much more expensive, if such help were included with it.

          Their product is a cure for infected PCs, within bounds.

          It will do just that, so long as the PC isn't broken such that symantec software cannot successfully be installed

        • You know, Symantec markets it's products to be a cure for infested PCs.

          Yes, but in what state of the machine? Were they infected before or after their product had been installed? Did they explicitly state that an infection can be removed post software install?

          I agree with mysidia with regards to what should and should not be covered by support. However, Symantec could have been more clear in what is (and is not) supported prior to someone making a purchase. It all comes down to communication be it in the fo

      • Re:It could be worse (Score:4, Interesting)

        by canUbeleiveIT (787307) * on Saturday March 07, 2009 @09:25AM (#27104003)
        The real problem with any security software is the old EYE DEE TEN TEE error. Consider the following scenario:

        User (thinking to himself): I sure would like to whack off to some girl-on-elephant porn!
        User finds and clicks the link for girl-on-elephant porn.
        Security software: "H4xor696969Bestiality.exe is requesting permission to infect your computer, anal rape you and reduce your home to rubble. Allow or Deny."

        So, what's Joe Computer User going to do? You *know* what he's going to do. And when he brings his computer to you to be fixed, he won't tell you what happened either. In ten years of fixing computers, I have only had two customers admit what they did.
    • If they were McAffee/Computer Associates/CA/whatever they're called this month they'd have the option of telling people to run Stinger. As it is I'm not sure they have an option other than telling someone to transplant the disk into a non-infected system to kill the viruses without running them.
    • Re: (Score:3, Informative)

      by no-body (127863)

      decent?

      offer free download
      - install
      - run - shows you a gazillion of "red" things
      - wants you to "register" with email address, do so
      - click next
      uups - asks to pay up $ 40 (- $ 0.05) plus

      Yes, Include Active Protection for Only ($9.95) Recommended
      Yes, Include ErrorSmart($39.95 Only $9.95) Recommended

      - remove software

      - install again & run
      comes up immediately with ... you still have a gazillion of "red" things on your computer

      Result:

      - not a clean uninstall
      - no clear disclosure of service terms up front (paym

  • by Xoron101 (860506) on Friday March 06, 2009 @11:20PM (#27101729)
    Maybe the malware infected machine had a hacked hosts file and he was connecting to some site in Russia? Or some other way of redirecting the supposed chat session with "Symantec Support"
    • by wfstanle (1188751)

      Having just gone through the misery of removing the viruses from a relatives computer it is quite likely that he wasn't getting Symantec. Its quite possible that the computer was being redirected to a phony site. I've seen the list of sites that were being redirected and Symantec yas on the list. (For the curious, the list is in the registry.) Now don't get me wrong, Symantec doesn't make very good products and their support isn't very good as well.

      • Having just gone through the misery of removing the viruses from a relatives computer it is quite likely that he wasn't getting Symantec.

        My relatives don't call me so much anymore for that sort of thing. I don't know why, exactly ... I have a very potent anti-virus tool. It's called "FORMAT C:". Works every time.

        • Having just gone through the misery of removing the viruses from a relatives computer it is quite likely that he wasn't getting Symantec.

          My relatives don't call me so much anymore for that sort of thing. I don't know why, exactly ... I have a very potent anti-virus tool. It's called "FORMAT C:". Works every time.

          Can I interest you in my sure fire cancer cure?

  • by Anonymous Coward on Friday March 06, 2009 @11:25PM (#27101763)

    As a real-time scanner, it is pretty good, and the corporate editions are pretty light weight, but has symantec ever been useful as a repair tool?

    The support tech sounds like he did right, despite the non-corporate policy of eating symantec's own dog food.

    Anyone cleaning an already infected machine would start with malwarebytes or combofix before wasting their time with symantec's stuff.

    Sounds like the tech who was helping him knew this.

    • by Ilgaz (86384)

      I don't know if that behaviour is changed but I saw 2007 version of F-Secure launching a online scanner right before installing the actual thing from CD and warned user, in very serious manner that the removal tools must be downloaded manually and run for already up and running viruses on PC or the AV won't really help.

      That is what Symantec support engineer did, for money of course.

      It makes way more sense asking user if they have external drive, backup their home directory (as Windows actually have one, rea

      • by jonbryce (703250)

        Alternatively you can boot up with a linux live CD and delete any executable or dll that was created or modified in the last 24 hours or so.

        You may have some problems next time you boot, and you might be able to fix them.

    • Anyone cleaning an already infected machine would start with malwarebytes or combofix before wasting their time with symantec's stuff.

      I was going to say, is he complaining that tech support used a product that works but was not their own? They knew their product wouldn't work, so they went with something that did? I guess if he were working for symantech, that would be annoying, but otherwise, malwarebytes is a good solution.

  • FAIL! (Score:2, Informative)

    by Anonymous Coward

    Generally speaking, unless you are an expert at killing malware, the LAST thing you want to try to do is install new antivirus software on an already infected machine.

    Seriously, its completely idiotic and a waste of time.

    • I agree. I loath Norton's shitty AV software, think it's pretty much malware all on its own, but come on, you have a malware-infested system, you start with tools actually designed to deal with malware, or, if that looks like too much trouble, just format the goddamned thing and start afresh.

  • by Alereon (660683) * on Friday March 06, 2009 @11:31PM (#27101795)
    The computer was simply too infected to allow the Symantec software to install. This is not an abnormal occurrence. Symantec offered to have an engineer remotely access the system and clean it, which naturally costs money, since you're paying for a person's time to fix your computer, in addition to the license for the software. Symantec can't guarantee that your Windows installation isn't too badly damaged to allow their software to install, and they just offered an alternative to telling him to take the computer to be serviced. This is a non-story.
    • by cduffy (652) <charles+slashdot@dyfis.net> on Friday March 06, 2009 @11:40PM (#27101851)

      If you RTFA, what he needed to run at the point when he was being upsold on a services package (and told that no other option was available) was a freely-available utility to remove previously-installed Symantec tools.

      Moreover, Symantec's management acknowledged that they were in the wrong, and indicated they would be addressing this -- hardly indicative of the no-fault scenario you proclaim.

      • Even more sad - the poor kid in India who was probably following company procedure (at least as far as charging for support) is probably going to get smacked by the management at outsourcer after symantec smacks the outsourcer.

      • by pcgabe (712924) on Saturday March 07, 2009 @12:48AM (#27102221) Homepage Journal

        If you RTFA,

        I see where you went wrong there.

    • by NevarMore (248971) on Friday March 06, 2009 @11:42PM (#27101867) Homepage Journal

      There are scads of free options.

      Try a linux alternative [lmgtfy.com]

      Like this. [bitdefender.com]
      Or this. [avast.com]

      Hell even an online scan may work well enough, http://housecall.trendmicro.com/ [trendmicro.com]

      • Re: (Score:3, Informative)

        by DaMattster (977781)
        I would say the case for a F/OSS Operating System has been made. I simply love the security of Linux. You can count the amount of malware available by hand and it is all easily defeated. I think the last virus I got several years ago, an rm -rf worked wonders. I checked my netstat and used other programs to verify that I wasn't spewing data out to a botnet controller and I still periodically check. Proof positive that security by obscurity doesn't work.
    • Re: (Score:2, Interesting)

      by Varzil (1481801)
      >>"The computer was simply too infected to allow the Symantec software to install." It's always wise to actually *READ* a story before commenting on it. One seems smarter that way! Those who read the story know that Norton's CD-boot "Norton Recovery Tool" was completely capable of cleaning up the system to the point where N360 would install.
    • by tomhudson (43916)

      So why can't it be run off a bootable dc/dvd and scan+clean the system locally? Oh, that's right, it's crap. "your system is too infected for our anti-virus to run!"

      Either it can remove viruses, or it can't. If it can, then there's no reason not to make it so that it can launch from bootable media. In fact, it SHOULD load from bootable media so that it's running in a known-good environment. "Oh, but it needs windows to run ..." Yeah, riiiight .... it's just a file scanner/pattern matcher.

      Get a real oper

    • The computer was simply too infected to allow the Symantec software to install. This is not an abnormal occurrence. Symantec offered to have an engineer remotely access the system and clean it, which naturally costs money, since you're paying for a person's time to fix your computer, in addition to the license for the software.

      That's a load of crap. They advertise that it will fix your computer, not that it might fix it as long as your computer's not really all that broken. Do you also have weird parsings of "all you can eat" and "flat rate"?

  • Sorry, too much WoW.

    • by kimvette (919543)

      Hey that is just as effective as running Norton Internet Security/Norton AntiVirus ;)

  • by jmello (856993) <`moc.liamg' `ta' `ollemj'> on Friday March 06, 2009 @11:52PM (#27101903) Homepage
    As a general rule when working with badly infected systems, the only guaranteed way to get it working again is to nuke and reinstall. Symantec is, I suppose, doing them a service by trying to help, but if a system is too far gone to allow Norton to be installed, it's most likely too far gone to save. Every client of mine that insists on going through the motions about not wanting to pay for a data backup or to get all of their programs reinstalled signs a waiver that states that I offer no warranty on the system or any of the work done on it. Surprisingly enough, most of the systems I get that are so bad that they require a nuke and reinstall were running Norton to begin with.
    • by sumdumass (711423)

      While I will agree that most of the systems I end up having to clean are running symantec products in the first place, I disagree on the need to nuke the install.

      It is cheaper in most cases to start over, especially if some sort of sane backup is done before hand. You have to remember to goto a known clean state to update all the antivurus protections before attempting to go into the more recent updates that could be just reinfecting the computer. But I haven't seen an infected windows machine yet that can'

  • by coppro (1143801) on Friday March 06, 2009 @11:54PM (#27101913)
    Honestly, I've never, EVER found them to be worth a grain of salt. When installing a product (Norton 2005 I think), it refused to activate itself. So I looked on the website. I tried everything they offered, like their "Complete Removal Tool" to do a clean reinstall, and nothing worked. So I finally broke down and went onto their online support. Their advice was EXACTLY the same as the advice I'd already been given by their website. They (plural!) couldn't wrap their heads around the idea that I had already tried everything.

    I had to reinstall Windows twice to get it to work.
    • There is a malware out there that can disable various features of your AV. Of course, no AV company is going to tell you that there is malware it can't detect, but that's kinda the point of malware, isn't it? And also the reason why closed apps aren't a good response to the threat that malware poses.
  • this still happens? (Score:5, Interesting)

    by Gothmolly (148874) on Saturday March 07, 2009 @12:00AM (#27101947)

    People still get malware, and still use Symantec products?

    • People still get malware, and still use Symantec products?

      You mean, it's _not_ the year of the Linux desktop yet?!?

    • People still get malware, and still use Symantec products?

      No, people still buy the malware called Symantec Antivirus.

      • by Kalriath (849904) *

        Careful there man, Symantec Antivirus is pretty decent. It's Norton Antivirus that sucks. SAV is the corporate version.

        • by sumdumass (711423)

          SAV blows compared to other products out there. The AVG corporate network editions seem to do a better job.

          I used to have lots of issues with the symantec corporate edition like no being able to upgrade to hole number versions without visiting each workstation manually, viruses not being caught or SAV not being able to stop their installation or remove them. Now don't get me wrong, AVG has similar ussues but not on the same levels as the symantec products. I gave up on version 10 I think so something may ha

  • by Anonymous Coward on Saturday March 07, 2009 @12:13AM (#27101991)

    There is a major difference between offering defect support for software and offering services surrounding the software. Let's review the order of events here:

    1) Customer is unable to install product on test environment. Receives BSOD.
    2) Customer contacts Symantec requesting defect support. Per customer the product is not functioning as described on a test system.
    3) Symantec's front-line support team misinterprets the customer's request for defect support. Instead, they believe the customer wants the system cleaned, regardless of whether a Symantec product is used or not. As a result, Symantec services are offered for an additional fee of $100.
    4) End-result is one unhappy customer, and a heavily biased article criticizing Symantec support.

    What should have happened is anybody's interpretation. But, during #3, at a minimum, the issue should have been escalated to the next level where an actual support engineer discusses a bit further with the customer to try to understand if they a defect with the product, something unique to customer environment, etc.

    Conclusion: Front-line reps at Symantec need more training. Customer needs to work on communication skills to be clear when contacting defect support. Failure to communicate.

  • by exhilaration (587191) on Saturday March 07, 2009 @12:25AM (#27102069)
    I had to help someone clean up a popup problem and Malwarebytes Anti-Malware [malwarebytes.org] (which is free) eliminated not only the adware but also identified and removed a trojan that an up-to-date Symantec Anti-Virus didn't even find. I was really surprised.
  • Damn Commies...

  • by j741 (788258)

    this is just more evidence that anti-virus/malware products need to be on bootable read-only CDs that can connect to the internet, obtain current definition files, and scan and clean a computer before actually installing any realtime protection software.

  • by lscotte (450259) on Saturday March 07, 2009 @12:43AM (#27102201)

    Malwarebytes has a trial offer that is free, but the full product is not...

  • As much as I dislike Symantec and their products, they had no obligation to fix pre-existing problems on an infested system.
  • Makes sense (Score:4, Informative)

    by Nephroth (586753) on Saturday March 07, 2009 @01:37AM (#27102457)
    Symantec's products have declined in quality to the point in which we do not recommend it to our clients, in fact, we actively discourage it. Endpoint protection, even the corporate version, is heavy and almost useless for the detection of any kind of malware. The management software is so bad, that when left unchecked, it will fill a server with logs sometimes generating as much as a gigabyte per manged PC in a month.
  • MS (Score:3, Interesting)

    by Joebert (946227) on Saturday March 07, 2009 @01:41AM (#27102483) Homepage
    That's not as bad as the experience I had with Microsoft Tech support recently, I would have been happy if they tried to sell me something that works. My question was

    I want to know if Windows XP Home will run on my AMD64 system before I open the box my neighbor bought and can not return it to the store

    No matter how I tried to explain that, the only answer I received was that "Windows can only be installed on one computer per license".

    I ended up getting soo frustrated that I swore at the guy on the phone and hung up on him before returning the copy of Windows and just going with Ubuntu instead.

  • by Casandro (751346)

    I mean, viruses used to be a problem way back when people installed Windows natively on their machines. But today, you can simply run your Windows inside of a virtual machine you backup regularly. If you notice some odd behaviour you can simply roll back to the old version. Or you can roll back daily.

  • by meist3r (1061628) on Saturday March 07, 2009 @02:14AM (#27102609)
    My Name is M'tumbo Botswana, I am the spyware removal expert of Nigeria. Please to transfer sum of 100,000 US dOllar to bank account written below. We value your customership very very much. Thank you
  • by Aryeh Goretsky (129230) on Saturday March 07, 2009 @02:17AM (#27102615) Homepage
    Hello,

    I have worked in the antivirus industry for about nine years (with about another nine years doing networking things), starting with the technical support department at McAfee Associates (now McAfee). Even in the late 1980s and early 1990s, there were times when we had to run other companies tools to assist in detection or removal of computer viruses, or to obtain a sample. Peter Norton Computing's Norton Utilities Disk Editor and Sybex' Teledisk come to mind, as do various Microsoft MS-DOS utilities (DEBUG, FDISK with its then-undocumented /MBR switch, SYS and so forth).

    A few years ago, I re-entered the anti-virus (or anti-malware, as classic replicating infectors account for a few percentage points of what is seen these days) industry and it was and is not uncommon for our technical support people to help people remove rootkits, various Trojan downloaders and other pieces of malware that are either not detected or detected and not properly removed by our own software. One thing we make sure of is to get copies of any objects like files and registry entries so that our virus lab can add detection (or removal) in a new virus signature database update.

    Sometimes, customers do get upset when they are sent download links to a third-party tool to assist with removal because they assume that one tool will protect them against all threats, however, with the shear number of unique pieces of malware being released every day by organized criminal businesses no one tool is going to prevent, detect or remove every piece of malware, every time, even with the best heuristics and generic detection technology. This is something which all anti-virus companies have to deal with, not just Symantec. On the plus side, we just started deploying our own supplmentary tools to detect and remove threats that the mainline products do not, and that will help wean our dependence on third-party programs.

    That is pretty much how things stand with recommendations for the use of third party software by anti-virus vendors, now.

    As far as selling support goes, well, fifteen years ago it was not unusual to sell support contracts or service level agreements to enterprise customers offering them priority round-the-clock access to technical support. Free, unlimited support via telephone, fax, electronic means (email, BBS, CompuServe, et cetera) was provided, but it was on a first-in-line basis. That started to change in the mid-1990s when the anti-virus companies started to generate substantial revenue and get taken over by professional business people instead of engineers, but when a company becomes publicly-traded, it switches from being technology-focused to being focused on maximizing stakeholder value every quarter, and that means looking at things which cost money like having to pay salaries for support engineers and turn them into things which generate revenue. At that point, I was leaving the company, and really did not care what they did with my department. I have been told by a couple of people who stayed on after me said that Bill Larsen used to give motivational speeches like, "I would fire you if I could." and "I don't understand why we have to provide support to customers, after all, we've got their money." to the support staff, but even if they are not actual quotations, they certainly are reflective of the culture at that time. At a publicly-traded company, loyalty to the shareholders usually takes precedence over loyalty to the customers. Some companies figure out that customer loyalty actually translates into more value for shareholders in the form of increased revenue from license renewals, customers who purchase new products or services from the company, et cetera, but it seems there are plenty who are unable to make this evolutionary leap in understanding how their business works.

    These days, my current employer does provide free, unlimited technical support via phone and electonic means and
  • by AbRASiON (589899) * on Saturday March 07, 2009 @02:28AM (#27102655) Journal

    Norton disk doctor and norton speedisk where both fantastic compared to the Microsoft alternatives under DOS 5/6/6.22 (my era) speedisk used to do a real, thorough defrag of the drive, sure it took a hell of a long time but it totally sped things up, especially logging disks in ztree.

    Over the years it became worse and worse, I think the first one or two windows revisions were somewhat decent but it's been a good 6 or 7 years since I'd ever even consider installing their stuff on my machine anymore.

    FWIW I found a tool called "Ultimate defrag" it's got a ghastly interface and looks like it was designed by someone with 'my first developement toolkit' but the underlying defrag technology it uses is actually pretty damn slick, it really will do the old school Norton style "full with file re-order" and actually does move what you want, where you want it, scope it out.
    (No I don't work for them)

    • Norton disk doctor and norton speedisk where both fantastic compared to the Microsoft alternatives under DOS 5/6/6.22 (my era) speedisk used to do a real, thorough defrag of the drive, sure it took a hell of a long time but it totally sped things up, especially logging disks in ztree.

      Over the years it became worse and worse, I think the first one or two windows revisions were somewhat decent but it's been a good 6 or 7 years since I'd ever even consider installing their stuff on my machine anymore.

      Yes, once upon a time Norton products were good. Now they are an expensive nuisance which 'nannies' every action you perform on a PC and has a hideous impact on performance.

      I widely recommend AntiVir (http://www.free-av.com) as a far more lightweight alternative. I've never bought the full package with malware stuff and so on; I would be curious to hear the experiences of anyone who has.

      Obviously an anti-virus is not enough nowadays, the development of malware has become commercially attractive - eve

      • Re: (Score:3, Informative)

        by jmpeax (936370) *
        NOD32 is great as well. Really low performance impact and a very accurate heuristics engine. Highly recommended.
    • Re: (Score:3, Informative)

      by ScrewMaster (602015) *
      I found another one called JKDefrag that also works very well.
  • by w0mprat (1317953) on Saturday March 07, 2009 @07:33AM (#27103603)
    I have an example which is in fact a common experience for me and others. I often get asked for advice on what is the best anti-virus security protection for a PC. e.g. a friend or family member with computer problems.

    I give my usual spiel that the best protection is not to pay money for anything, it's hard to say it's worth it (Slowing down your system, possibly causing more crashes and program compatibility issues, and then only catching perhaps 90% of threats). Open-source or freeware tools will do just fine to actually scan and heal threats. Largely it's the users actions that are the initial problem. I then offer my time, for free, to teach some safe practices.

    You can't just punch in your credit card number and expect adequate protection.

    Mark my words, there are lots of botnet'd windows boxes that have full-paid anti-virus software on them running just fine. My parents had one of them. (problem was identified in the logs of their linux firewall). The solution was to wipe it, given them firefox with some add-ons and clam-av. Zero issues since.

    If your machine is properly patched your very unlikely to be taken over by a worm attack. Following that, with the right software, your unlikely to be hijacked in your browser and then infected. With the right ISP you won't have spam and e-mail threats. It's down to how the user operates, and discouraging them from skipping virus scanning that keygen.exe when downloading warez. Largely it's browsing that's the problem. Firefox plus some add-ons, and a little bit of user coaching.

    I really wonder in who's interests it is to keep users dumbed down on security matters. Which in todays world has become as important as locks and alarms on houses cars and businesses. It's protection of critical infrastructure.

    Why pay a exorbitant monthly subscription for a security guard to stand outside your house, because your house is equipped with vulnerable locks and the occupants are poorly trained at keeping the doors closed when they go out?

    In hindsight I should have modded as redundant the mandatory:

    Install Linux

    which is inexplicably modded +5 something.

    If 90% of the world ran one Linux distribution we would still have a thriving ecosystem viruses, trojans (albeit on a lesser scale). Good design, transparency and rapid patching in OSS only goes so far, it's not magic immunity. There is also a fairly constant amount of problems between the keyboard and chair - now that will not go away. Windows is the most common, therefore the most attacked... is the statement that raises hackles for some. However it is the truth. In much the same way having millions of genetically identical crops/livestock in unnatural concentrations provides for massive outbreaks of everything from blight to foot and mouth disease. Likewise millions of humans living in close proximity results in plagues - the human immune system was not built for this. And so our information technology infrastructure suffers the same fundamental laws of nature, you have one monoculture of identical entities you invite pandemic infection.

    So how do we live in 20-30 million person cities, and don't all get wiped out in two weeks by ebola? We have sanitation: we all get taught how to cover our mouths when we cough, cook food properly and wash our hands after visiting the lavatory etc etc and we have some sanitary measures to back it up, ie chemicals that can clense pathogens.

    User education is the key. The first thing we can teach is to stay the hell away from clearly rogue companies. We can also stop beating redundant very tired drums.

Everyone can be taught to sculpt: Michelangelo would have had to be taught how not to. So it is with the great programmers.

Working...