Symantec shows how not to do security

This post is from guest blogger Carl Siechert, my co-author on Windows XP Inside Out and Windows XP Networking and Security Inside Out:

A coworker recently bought via Symantec’s online store a copy of Norton Internet Security 2006 for her home computer. (This wouldn’t have been my recommendation, btw.) After making the payment, the last page of the order process includes a download button. She clicks the button (and is flummoxed by the Run/Save security dialog) and eventually screws up the courage to save the file to disk. (She’s not particularly at ease with computers.)

It downloads a 156-KB file called Setup.exe (or Norton Upgrade Setup.exe, depending on the target folder), which turns out to be Norton Internet Security Download Manager – a program to download the real application installer. But here’s the kicker: the download manager program is not signed. So, of course, when she opens it Windows pops up an ominous warning about an unknown publisher. Contravening standard security advice, she forges ahead. (Looking at the file properties imparts no useful information either. The Version tab shows a product name of “xDM” and no publisher name.)

Without any warning that the 40-MB download is going to tie up her phone line for a considerable time, it eventually completes, depositing on her desktop a file called NIS06900_2YR.exe. (Examining the properties of this file is even less helpful; it doesn’t even have a Version tab.) Because it was placed there by a program other than Internet Explorer, running the program doesn’t display any sort of warning.

There’s no way to confirm that either of these files came from Symantec, nor any way to confirm that they haven’t been altered by someone else (or that they aren’t a different potentially malicious program altogether).

This kind of sloppy work by one of the major players in security software makes it difficult to explain to unsophisticated users how to determine which programs are safe to run. How many warnings have we seen about malicious programs that purport to be a security program or update from Symantec and its competitors? And what’s our usual advice? If it’s not signed by the publisher, it’s probably bogus. Nice work, Symantec.
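The check the post says could not be made on either file, as an added example (not code from the post or from Symantec): a PowerShell function for Windows that reports whether an executable carries a valid Authenticode signature from an expected publisher, and whether it still has the Zone.Identifier stream that makes Windows warn before running a download. The function name, the publisher string and the folder in the usage comment are assumptions for illustration.

```powershell
# Added example: not code from the post or from Symantec.
function Test-DownloadedInstaller {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [string]$Path,

        # Assumption: the exact subject name the publisher signs with.
        [Parameter(Mandatory)]
        [string]$ExpectedPublisher
    )
    process {
        $file = Get-Item -LiteralPath $Path -ErrorAction Stop
        $sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName

        # Name on the signing certificate; $null when the file is unsigned,
        # which is what Windows reports as "Unknown Publisher".
        $signer = $null
        if ($sig.SignerCertificate) {
            $signer = $sig.SignerCertificate.GetNameInfo('SimpleName', $false)
        }

        # Browsers tag downloads with a Zone.Identifier alternate data stream.
        # A file written by a separate download manager may lack it, so
        # Windows shows no warning at all when it is run.
        $zoneId = $null
        $zone = Get-Content -LiteralPath $file.FullName -Stream Zone.Identifier -ErrorAction SilentlyContinue
        foreach ($line in $zone) {
            if ($line -match '^ZoneId=(\d+)') { $zoneId = [int]$Matches[1] }
        }

        [pscustomobject]@{
            File            = $file.Name
            SignatureStatus = $sig.Status      # Valid, NotSigned, HashMismatch, ...
            Signer          = $signer
            PublisherMatch  = ($sig.Status -eq 'Valid' -and $signer -eq $ExpectedPublisher)
            ZoneId          = $zoneId          # 3 = Internet zone, $null = no mark
        }
    }
}

# Usage (folder and publisher name are placeholders):
# Get-ChildItem "$env:USERPROFILE\Desktop" -Filter *.exe |
#     ForEach-Object { Test-DownloadedInstaller -Path $_.FullName -ExpectedPublisher 'Example Publisher Inc.' }
```

Matching on the certificate's name is the minimum; pinning the signer certificate's thumbprint is stricter when the publisher's certificate is known in advance.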

18 thoughts on “Symantec shows how not to do security”

  1. Exactly. I bought NAV from the road last month and I couldn’t figure out how to download it until I got back home- there was no clear path to the download from the purchase confirmation page. Then installing it was much more complex than it should have been. I came to Symantec via Norton Utilities back in the day, but I’m about ready to find another AV solution.

  2. When I bought my laptop it came with NAV pre-installed so when it came time to renew I did it with minimum fuss. I recently asked Symantec what I would have to do to upgrade to NIS, and the answer I got was to completely uninstall the version that I have at present then download NIS. Now I am no expert on these matters, but I find their answer somewhat bizarre in that I would have to download a major file without the protection of a resident A/V program. I have since decided to stay with NAV and renew my subscription when it comes due in April of next year (2006). That is unless someone can come up with a better solution than renew NAV. I understand that NAV is a bear to remove completely, but before I do that I would want something in its place first. J.B.

  4. I’ve had nothing but negative experiences in my brushes with Symantec’s security suite. My neighbor had NAV installed. The install had somehow been corrupted and it refused to update itself, and it caused the machine to lock up very regularly. The install disk was nowhere to be found, and it refused to uninstall without the disk, even in safe mode. Uninstalling it required getting under the hood and literally ripping it out by the roots. You want good cheap relatively bullet proof antivirus? Get AVG Free.

  5. So Carl or Ed, what anti-virus program would you recommend? My NAV license is going to run out here in a couple of weeks and I am trying to decide whether to re-up, or move to something else, preferably something that is less of a resource hog.

  6. A-Dog, you can see Ed’s recommendation as part of his software list. Me? I ditched NAV about two years ago in favor of Trend PC-cillin. For systems that can legitimately use the free version (i.e., noncommercial home computers), I still recommend AVG Free Edition. And as Ed wrote the other day, OneCare Live is worth investigating. It’s currently free, but Microsoft has promised to start charging at some point (no clues yet on when or how much).

  7. I run a small IT company in So Cal. Recently our company has begun installing and recommending McAfee over Symantec, regardless of the fact that we are Symantec partners and we have gone to their conferences.

    Why?
    – BloatWare – Each version of NAV and NIS has become SUCH overkill, the products are constantly. The guts of the scanning engine are basically the same (I’ve heard).
    – No Support – Since we install so many NAV’s the product activation can sometimes get messed up. No problem yet… sometimes this happens with Windows Activation. I just call MS on the phone, Muhammad asks me a couple questions, and I can be on my way. Try calling Symantec. Heck, try finding the phone number or the help line for installation support.
    – Intrusive and Buggy – No need to go into great detail here. Let’s just say that my first recommendation when someone’s program reports update errors is to shut off NIS or NAV and try again.
    – Hackable – “My Norton shuts down every time I try and open it or update the program. I can’t open regedit.” Well sir, that’s probably a virus slapping Norton around and taking Windows to school.

    Ah well. If Rome’s empire fell, why not Symantec?

  8. Another small detail in the Symantec parade of jokeware…

    If you renew your antivirus subscriptions from a previous year’s product (as opposed to upgrading to the current year product, i.e. NAV 2006), Symantec will only update your virus definitions on Wednesday of each week, or if Symantec deems a virus a high enough threat, they can opt to update the definitions on other days. This of course refers to 2005 products and earlier using Symantec LiveUpdate process.

    I have no problems with Trend Micro PC-cillin Internet Security package – it in fact caught a virus that skipped right through Symantec this past week because of the LiveUpdate Weekly update.

    And Symantec has the absolute nerve to state:
    “If you need to update your virus definitions only once a week, LiveUpdate is the easiest method”. Are they just nuts?

  9. I’ll also wave the flag for Trend Micro Internet Security. In my experience, it has been excellent.

    I also had a similar experience to ZB Altadena, in respect of the lack of effectiveness of weekly updates in preventing virus outbreaks. On my laptop I now run NAV 2005 and have my account set as a restricted account. This latter action reduces the effectiveness of many viruses, and prevents me from completely stuffing up my computer in a moment of madness.

    I’ll also second the fact that the Symantec renewal process is woeful, to say the least. In addition to the utter uselessness of the download program, it insists on writing every kilobyte to the hard disk in non-cached mode, closing and reopening the file. This creates an enormous amount of disk activity, which was unacceptable to my laptop. The retarded algorithm also significantly reduces the download speed.

  10. And whilst I’m at it, the LiveUpdates, which are also not signed, contain executable code. So there’s little point in signing the distribution files anyway.

    So yes, as Ed said, it’s stoopid.

  11. August 2005 I bought an HP Pavilion with Norton/Symantec antivirus preinstalled. After a few “fast user switchings” Norton usually goes berserk and eats up all the CPU cycles, so that the PC comes effectively to a complete stop. Switching off the possibility of fast user switching (see “XP Inside Out” how to do this) solved this problem.

    I now have McAfee antivirus, which does not allow XP Help and Support, unless one switches off the so-called “Script Stopper” feature (a well-hidden possibility; switching off Script Stopper is only allowed by somebody with administrator privilege).

  12. Me, only PC-CILLIN and AVG Antivirus works for my system. Norton 2005 and later version will block my internet connection. McAfee works only after first install, but after a couple of updates, it will block my internet connection.

    I don’t know what’s with the updates that blocks my internet connection. My McAfee doesn’t have a firewall or something that’s blocking my connection. I have tried to contact technical support of McAfee but I guess I was chatting to a machine. Some AI program.

  13. Email to a friend of mine, he manages over 100 PC’s at his job.

    First, Norton seemed to work OK when the computer was new, the big problems started after I finally let “live update” download all the patches and other virus updates. This after living through the 10 “pop ups” every time I booted warning me about how “unprotected” I was. Then I could not shut down the program completely, even for a short time to do needed work it was interfering with. I could not even find a place in the options screens to selectively disable those parts of the program that were causing trouble, either permanently or even temporarily.

    So I finally used msconfig to go in and disable everything in the startup menu that mentioned Norton or Symantec. (I think there were close to 20 separate items.) WOW, computer started up faster, everything seemed to be faster and more responsive. Got on line, GOT MY MAIL, all of it.

    Then I tried to pull up an Excel file that I use regularly. Little note appeared at the bottom of the Excel spreadsheet. Something about “requesting virus scan”. File never appeared…… worse, Excel stopped responding. Had to use control-alt-delete and the windows task manager to “end task”. Norton had stuck its slimy tentacles into everything on the computer. As blood pressure rose, made the fateful decision….. Add or remove programs. It uninstalled better than previous versions I have tried to uninstall. But there are still 5 items listed on msconfig in the startup menu related to Norton or Symantec. Norton is as much a bear to completely uninstall as any of the worst of the ad-ware, spy-ware, viruses, or worms, that it is supposed to protect against.

    For someone in your position, with public computers you need to totally lock down to keep people from either inadvertently, (or purposely) altering or installing programs or getting infected…. Norton may well be one of the best solutions.
    But for my personal use, once I am off line I want to be able to disable the f–king program while I am working on other stuff. And I mean I want to be able to either (at my discretion, MY CHOICE) selectively disable or enable different features, or to completely disable or enable the program. This is an Athlon 64 3700+ system with 1 gig of DDR400 memory. It replaced an older 800 meg Athlon with 512 meg of PC133 memory. While performance was good, I didn’t see much difference in perceived overall performance between the two when running office and bookkeeping software. There is definitely a difference now, everything starts /FASTER/. Logging off, logging on, switching users, program startups, searches, EVERYTHING works faster, NOTICEABLY FASTER. And no more f–king Norton POP UPS.

    I think I may copy and post this message to their web site as well….. and maybe on some public forums if I can find some. Pissed off enough this time, (this debacle cost me probably 5 hours yesterday) to spend a few minutes screwing them in return. One good screw deserves another, and I definitely feel screwed by them.

    Bit defender just got some good reviews, may try them…

  14. I have just endured my third year of trying to upgrade this Internet Security code. As Roberto Duran once said, NO MAS!

    I would post the chats I had with so called support people in India, but I’d rather not embarrass them. The support people are so poorly trained and lacking in English skills that I actually almost passed out twice from the stupidity. But it’s not their fault. Symantec is putting out a poor product, backing it with worse support, and basically telling people they have to live with it.

    The final insult was when I went to uninstall NIS 2006 (after this latest disaster of an upgrade) the uninstall would not work. Finally got it cleaned off and have installed ZoneAlarm – it installs in literally 1/50th the time and so far hasn’t thrown exceptions. We’ll see how it goes…fingers crossed.

    Norton at one time had a cherished place in PC software. They’ve slid off the map in my opinion. I will work to avoid Symantec products in the future.

  15. We have spent over a week trying to download the Norton Internet Security 2006 and nothing happened. Neither Guta nor Shibu, etc. (Symantec Chat Service Representatives) could solve our downloading request. For other victims’ benefit,… the Step by Step that never ends!
    1. Access to Order Status Page (write your Order No. and your password)
    2. Click: Download.
    3. A window appears: Do you want to run or save this file?
    4. Click: Run.
    5. Begins the running process up to 100% – Setup.exe, Executed.
    6. A window appears: The publisher could not be verified……
    Name: Setup.exe
    Publisher: Unknown Publisher
    7. Click: Run
    8. A window appears: Norton Internet Security 2006 Download Manager
    9. Click: Resume
    Then, it begins downloading: 1%,…2%,…3%,… At this point your attitude is… Wow, we are going to succeed with our new NIS-2006!!! But, [Ufff…., #*!?] What happened? It stops at 4%, then you see a window that sums up all your odyssey: Error creating threat. The download timed out. Thank you Symantec for motivating us to spend our $$$ without the product reward.
    THE END.
