R
Randy Brook
This applies to users of Norton Antivirus with automatic Live Update.
(I don't know about other antivirus programs.) The risk is highest
with PCs/laptops connected via wireless LANs whent they go unused for
a week or more.
If you enable automatic Live Update, by default it runs NetDetect.exe
to check for new virus signatures every 4 hours. Symantec tech support
has given me conflicting info on when the 4 hours starts and if LU
runs once at startup or simply waits until the scheduled run. However,
it probably doesn't matter. Either way, NAV doesn't ever get updated a
startup.
Let's say we give Symantec the benefit of the doubt and assume it
tries to run LU on booting. Also according to Symantec, NetDetect.exe
will only run if it sees a network connection. But it takes at least
30 seconds after logon for a wireless connection to be established and
an IP address assigned by the router. So assuming NetDetect.exe LU
runs, it will not see any network present and therefor will not start
any update. There is no error message for this. Nor can you see any
evidence of an attempt to run NetDetect.exe in the Event Viewer or in
Task Scheduler.
NetDetect.exe will try again at the next scheduled time, up to 4
hours later, but by then it may be too late. You will probably have
downloaded new email and your antivirus checking will not have been
updated.
I've tried putting NetDetect into the Startup group for All users but
this doesn't seem to allow enough time for the network to connect.
Putting it into Task Scheduler to run once at system start or logon
similarly appears to be too soon.
I don't know any fix, other than to remember to run LiveUpdate
manually every time I startup a machine I haven't used in a few days.
Symantec has not seemed willing to recognize this as a risk or a
problem.
(I don't know about other antivirus programs.) The risk is highest
with PCs/laptops connected via wireless LANs whent they go unused for
a week or more.
If you enable automatic Live Update, by default it runs NetDetect.exe
to check for new virus signatures every 4 hours. Symantec tech support
has given me conflicting info on when the 4 hours starts and if LU
runs once at startup or simply waits until the scheduled run. However,
it probably doesn't matter. Either way, NAV doesn't ever get updated a
startup.
Let's say we give Symantec the benefit of the doubt and assume it
tries to run LU on booting. Also according to Symantec, NetDetect.exe
will only run if it sees a network connection. But it takes at least
30 seconds after logon for a wireless connection to be established and
an IP address assigned by the router. So assuming NetDetect.exe LU
runs, it will not see any network present and therefor will not start
any update. There is no error message for this. Nor can you see any
evidence of an attempt to run NetDetect.exe in the Event Viewer or in
Task Scheduler.
NetDetect.exe will try again at the next scheduled time, up to 4
hours later, but by then it may be too late. You will probably have
downloaded new email and your antivirus checking will not have been
updated.
I've tried putting NetDetect into the Startup group for All users but
this doesn't seem to allow enough time for the network to connect.
Putting it into Task Scheduler to run once at system start or logon
similarly appears to be too soon.
I don't know any fix, other than to remember to run LiveUpdate
manually every time I startup a machine I haven't used in a few days.
Symantec has not seemed willing to recognize this as a risk or a
problem.