NAV - what a load of rubbish

[Chris Jones]

Why NAV is rubbish:

It has been failing to download updates using the LiveUpdate service
for months, because of an incorrect version of oleaut32.dll on my
machine, but at no point did it ever warn me that updates were
failing. What exactly have I been paying Symantec for? How much use is
a piece of antivirus software which stays silent and inactive when one
file is changed, which presumably could be done by a virus?

Even after fixing the above problem and updating to the latest
definitions, it still won't detect this new "MS update" email virus,
even when I scan the attached files manually, despite the Symantec
website saying it will. Again, if I'm paying for a service, I expect
to receive it, and I'm not.

My software version (2001), is now "unsupported", meaning I can't use
most of the online support options. 2 years old, and they won't allow
me to email them when their software doesn't work! Not only is this
ridiculous, but I notice they didn't mention any of this when taking
my money for extended service.

After this experience, I will never buy another Symantec product
again, and I recommend that you don't either.

If anyone has any recommendations for AV software which works properly
and provides full support for as long as you're a paying customer, I'd
like to hear them.

 

[Adam A. Wanderer]

Symantec AV has been getting very bad press of late. The 2004 version has
some serious stability problems. Hope they "clean up their act" real soon!

 

[Kerry Liles]

I use Computer Associates EZ-Antivirus - it is inexpensive (not free) and
annual updates were (last time I looked) $10us

I sent them examples yesterday of the new Swen virus going around and within
SECONDS I received a reply from their submission scanner that this was
indeed a virus and new definitions would be available shortly.

Occasionally they do something stupid but benign: for example, the latest
version has a splash screen on startup that no longer can be turned off
(someone probably messed up the /nosplash processing code) but, to their
credit, they claim they will fix that... it's not a high priority.

My 2c

 

[Ed >:-)]

I've run into this several times. The oleaut32.dll is some part of a
Visual Basic file set. Of course the fuktards at M$ can't use anything
that the rest of the world does so we have to go get it ourselves. I
installed the 6.0 and haven't had any problems since.

http://www.macros.com/oleaut.htm

 

[Chris Jones]

I've run into this several times. The oleaut32.dll is some part of a
Visual Basic file set. Of course the fuktards at M$ can't use anything
that the rest of the world does so we have to go get it ourselves. I
installed the 6.0 and haven't had any problems since.

I fixed that particular problem (I had older versions of the file in
backups I had made previously), but what astounds me is that NAV
didn't warn me that virus definitions weren't downloading. What use is
a mechanism to protect my data if it can be disabled by accidentally
overwriting an obscure file, and remain silent?

It's about as much use as a smoke alarm with a battery that can
disappear at random.

 

[David]

The whole problem is that too many people think their entire machine is plug
and plug. Nothing works perfectly and automation tools still need to be
administered once in a while. Simply opening up NAV and looking at it the
status screen once in a while would have told you that something was wrong.
Everytime you apply a patch to windows there is a chance that it will
adversely affect something else, and every time a new virus comes to light
there is a chance that any or even every AV program will fail and possibly
be disabled by it.

I fixed that particular problem (I had older versions of the file in
backups I had made previously), but what astounds me is that NAV
didn't warn me that virus definitions weren't downloading. What use is
a mechanism to protect my data if it can be disabled by accidentally
overwriting an obscure file, and remain silent?

No, its more like putting up a smoke alarm and never checking or replacing
the battery.

 

[Chris Jones]

The whole problem is that too many people think their entire machine is plug
and plug.

Assuming you mean "plug and play", that's exactly what antivirus
software should be. It shouldn't need babysitting.

Nothing works perfectly

However NAV is seriously deficient. Not only this, but despite
continuing to pay a subscription for the software, support for it has
been arbitrarily removed, making it more difficult to fix problems
that do occur.

Simply opening up NAV and looking at it the
status screen once in a while would have told you that something was wrong.

If I could see something was wrong on the status screen, why can't the
program present that information to me through its icon in the system
tray? If something's amiss, bring up a big red exclamation mark or
something. Why should millions of users waste time opening and closing
the interface because Symantec are too lazy or too stupid to write a
few lines of code?

Everytime you apply a patch to windows there is a chance that it will
adversely affect something else, and every time a new virus comes to light
there is a chance that any or even every AV program will fail and possibly
be disabled by it.

And yet although Symantec have known about this problem for a long
time, they have done nothing to fix it. How long is it acceptable for
Symantec to sit by and do nothing when they could have released a
client update to address the issue?

No, its more like putting up a smoke alarm and never checking or replacing
the battery.

(an aside - this is why top posting is stupid)

If you buy a half decent smoke alarm, it will alert you to a low
battery level with either an audible or visual warning. A proper AV
package should do the same, especially if the user is paying a
subscription fee for the privilege of application support.

 

[Craig]

The whole problem is that too many people think their entire machine
is plug and plug.

Since you got the whole problem figured out you should have a fix to
cause folks to not think what they think.
What do you suggest to educate the 95% of computer users who never use
Usenet and might not even know what Usenet is even if their server does
provide it?
The way most of folks who purchase computers are dependant on
information from the computer manufacturer.
Folks who purchase software are dependant on the manufacturer to educate
them about their software.

Nothing works perfectly and automation tools still
need to be administered once in a while. Simply opening up NAV and
looking at it the status screen once in a while would have told you
that something was wrong. Everytime you apply a patch to windows
there is a chance that it will adversely affect something else, and
every time a new virus comes to light there is a chance that any or
even every AV program will fail and possibly be disabled by it.

I have an interest in such things and I am trying to think of last time
I have seen widespread warnings about some AV program defect. So I wonder
what to expect of joe-blow who does not even know that there are questions
that might should be asked.

No, its more like putting up a smoke alarm and never checking or
replacing the battery.

In every day life do you respond to folks before they say what they say?
If the smoke alarm is a quality and dependable machine then it starts
giving warnings when the batter is going low.
Some cheap piece of crap that does perform that function could not be
depended on to alarm for smoke anyway.

--

 

[David]

Your right it shouldn't need babysitting. And neither should windows. But it
does. And as you keep reading the various post in this NG you will realize
that most of the AV software needs a little babysitting at times.

Assuming you mean "plug and play", that's exactly what antivirus
software should be. It shouldn't need babysitting.

When you renew your subscription to NAV they tell you the newer versions
have more recent heuristic engines and tools. And if you shopped around you
would have found that someone was offering these new versions for the same
or less than what it costs to renew a subscription. The virus' and problems
today are very different from what they were three years ago. Do you expect
them to spend their time and money on research and development and give you
the fruits of their labors for free? You should have read the subscription
form more closely because it made specific reference to when free telephone
support for the specific version would end.

However NAV is seriously deficient. Not only this, but despite
continuing to pay a subscription for the software, support for it has
been arbitrarily removed, making it more difficult to fix problems
that do occur.

Seems to me your version has a setting that says, "Alert me on startup if my
virus definitions are out of date". Are you even aware that it exists?

If I could see something was wrong on the status screen, why can't the
program present that information to me through its icon in the system
tray? If something's amiss, bring up a big red exclamation mark or
something. Why should millions of users waste time opening and closing
the interface because Symantec are too lazy or too stupid to write a
few lines of code?

Is it Symantec's problem to fix problems with windows? You did pay for a
virus subscription renewal, not an application upgrade or windows support.

 

[kurt wismer]

Assuming you mean "plug and play", that's exactly what antivirus
software should be. It shouldn't need babysitting.

in what dream-land would this be? while it might be fun to fantasize
about a world where things don't need to be monitored, where automated
processes take care of all your thinking for you and never break down
and never make mistakes - in the real world it's just not possible...

all (warranted) nav bashing aside, anti-virus software (as well as a
whole lot of other software) does need babysitting and anything less
amounts to entertaining the idea that av software can *protect* you,
that it's a *solution* rather than just a tool... it's a slippery slope
down to the ever popular false sense of security...

 

[Chris Jones]

Your right it shouldn't need babysitting. And neither should windows. But it
does. And as you keep reading the various post in this NG you will realize
that most of the AV software needs a little babysitting at times.

I don't mind occasionally fixing something which has broken, but I
don't expect to have to check its operation daily.

When you renew your subscription to NAV they tell you the newer versions
have more recent heuristic engines and tools.

That's very different from saying that current versions won't work or
be fixed when they break.

The virus' and problems
today are very different from what they were three years ago. Do you expect
them to spend their time and money on research and development and give you
the fruits of their labors for free?

No, that's why I've been paying a subscription.

You should have read the subscription
form more closely because it made specific reference to when free telephone
support for the specific version would end.

I don't recall seeing this, but that doesn't tell me whether I missed
it, or whether it wasn't there.

Seems to me your version has a setting that says, "Alert me on startup if my
virus definitions are out of date". Are you even aware that it exists?

I am now, but I didn't disable that setting. My assumption is
therefore that the product installed with the setting disabled. How
helpful is that?

Is it Symantec's problem to fix problems with windows?

It wasn't a problem with Windows, it was a problem with NAV. How
secure is a piece of AV software which can be silently disabled by
simply changing one file?

You did pay for a
virus subscription renewal, not an application upgrade

Upgrade and fix are two very different things. MS doesn't charge for
service packs, for example.

 

[Chris Jones]

in what dream-land would this be? while it might be fun to fantasize
about a world where things don't need to be monitored, where automated
processes take care of all your thinking for you and never break down
and never make mistakes - in the real world it's just not possible...

If something breaks in an obvious way, I can deal with that. If a
failure throws up error messages, for example, I can look up the error
and fix the problem. However, if the failure is silent, it's much more
dangerous, and if you're not constantly checking the software then
you're open to damage. The latter situation is very avoidable.

It turns out that if I'd configured my software differently, I should
have received a warning for the failure I experienced. Which is
potentially useful, but why wasn't the application installed in the
secure state? What other settings might there be which a user doesn't
know about until it's too late? When a problem such as mine is known,
why not issue an update to change the setting to warn? I can't imagine
it would be very difficult to do.

it's a *solution* rather than just a tool... it's a slippery slope
down to the ever popular false sense of security...

I viewed it as a safety net - I didn't rely on it (for example, I
don't assume I can open any random email attachment because I have a
scanner protecting me), but I expected it to be highly effective if
something gets past me. If it's broken by design, I'd rather it wasn't
there, and I'd definitely rather not pay for it.

If thinking AV software would make my life easier was naive, I'm
guilty as charged. Rest assured I'll not be making the same mistake
twice.

 

[Bill]

If thinking AV software would make my life easier was naive, I'm
guilty as charged. Rest assured I'll not be making the same mistake
twice.

There are far better choices than NAV.

 

[kurt wismer]

If something breaks in an obvious way, I can deal with that. If a
failure throws up error messages, for example, I can look up the error
and fix the problem. However, if the failure is silent, it's much more
dangerous, and if you're not constantly checking the software then
you're open to damage. The latter situation is very avoidable.

in the particular situation you experienced, yes perhaps it is, but in
the more general sense it is not....

no software is perfect, all software can break under the right
circumstances, all software (and hardware) fails at some point...
please don't whine about how av software isn't 'plug-n-play' enough for
you because that's just not reasonable - there is no such thing as
'install and forget' protection...

av software is a *tool*... tools don't do much on their own, they need
someone to operate them, they need someone to make some effort... if
you want to be protected then the onus is on *you*, not the software...

 

[Chris Jones]

in the particular situation you experienced, yes perhaps it is, but in
the more general sense it is not....

Of course it is. All you have to do is instruct the software to check
and see if it has done what it should have, and warn the user if it
hasn't. It's called debugging, and it is common good practice.

no software is perfect

That's what error messages are for.

please don't whine about how av software isn't 'plug-n-play' enough for
you because that's just not reasonable

It's quite reasonable, that's the whole point behind installing such
software. If you're paying for features such as "auto-protect" or
"auto-update", then those features should work.

av software is a *tool*... tools don't do much on their own, they need
someone to operate them, they need someone to make some effort... if
you want to be protected then the onus is on *you*, not the software...

Perhaps you'd like to explain what you think "automation" means, and
quantify exactly how much compulsory user participation is acceptable
in an "automated" system.

 

[kurt wismer]

Of course it is. All you have to do is instruct the software to check
and see if it has done what it should have, and warn the user if it
hasn't. It's called debugging, and it is common good practice.

what part of "no software is perfect" are you not getting? it doesn't
matter how much debugging a developer does, there will still be bugs,
there will still be errors, there will still be circumstances under
which the software will fail...

That's what error messages are for.

apparently you're a little slow... no software is perfect... how is
error handling implemented? in software... ergo no error handling is
perfect... amazing, isn't it?

It's quite reasonable, that's the whole point behind installing such
software. If you're paying for features such as "auto-protect" or
"auto-update", then those features should work.

my sincere apologies for the fact that you were duped and bought into
the *lie* of automatic protection... and again for the fact that
(obviously) no one can deliver on what has been promised...

Perhaps you'd like to explain what you think "automation" means, and
quantify exactly how much compulsory user participation is acceptable
in an "automated" system.

automation of the type you seem to be expecting is actually called
snake-oil when it's promised, or a pipe-dream when it's requested...

the amount of participation needed depends on the person, on how much
protection they want and what compromizes they're comfortable making...

 

[David]

I don't mind occasionally fixing something which has broken, but I
don't expect to have to check its operation daily.


That's very different from saying that current versions won't work or
be fixed when they break.


No, that's why I've been paying a subscription.


I don't recall seeing this, but that doesn't tell me whether I missed
it, or whether it wasn't there.


I am now, but I didn't disable that setting. My assumption is
therefore that the product installed with the setting disabled. How
helpful is that?


It wasn't a problem with Windows, it was a problem with NAV. How
secure is a piece of AV software which can be silently disabled by
simply changing one file?


Upgrade and fix are two very different things. MS doesn't charge for
service packs, for example.

 

[David]

You don't have to. I double check mine if I start to see email with
attachments coming into without NAV bating an eye. Then I know if NAV is
still enabled, when the last update occurred, and often when new outbreaks
are happening.

I don't mind occasionally fixing something which has broken, but I
don't expect to have to check its operation daily.

You're basically admiting that you never even looked through the options.
And then come in here complaining about a product which seems to have an
option that would have accounted for the problem. Well now you know more
about how to use these products, so hopefully you will be able to better
configure and use the next one you try. Good luck.

I am now, but I didn't disable that setting. My assumption is
therefore that the product installed with the setting disabled. How
helpful is that?

It's about as safe as any other AV software. All of them can be
programatically disabled by a virus. And all of them can be affected by
certain problems in the OS.

 

[Chris Jones]

You don't have to. I double check mine if I start to see email with
attachments coming into without NAV bating an eye. Then I know if NAV is
still enabled, when the last update occurred, and often when new outbreaks
are happening.

I rarely receive attachments, and the way you describe is the same way
I discovered it wasn't working properly. I haven't really been hit by
email viruses until the last few days.

You're basically admiting that you never even looked through the options.

I didn't look through them all, that's right. Should doing this be a
prerequisite for expecting software to work properly?

And then come in here complaining about a product which seems to have an
option that would have accounted for the problem.

That was only one of my three complaints, and I still find it
ridiculous that the option you refer to wasn't set to the most useful
setting by default.

Well now you know more
about how to use these products, so hopefully you will be able to better
configure and use the next one you try. Good luck.

Thanks, but I think I'll redirect my efforts towards more frequent
system backups. That method of protecting my data seems rather more
reliable.

It's about as safe as any other AV software. All of them can be
programatically disabled by a virus. And all of them can be affected by
certain problems in the OS.

I find it depressing that this state of affairs appears to exist. If a
virus writer can find ways to disable the software, I would have hoped
that antivirus writers would be able to re-enable it as smoothly.

 

[Chris Jones]

what part of "no software is perfect" are you not getting? it doesn't
matter how much debugging a developer does, there will still be bugs,
there will still be errors, there will still be circumstances under
which the software will fail...

You're not listening. I'm not saying that debugging is a process by
which a piece of code can be made to work perfectly, I'm saying that
you put debugging code into the release version so that errors produce
warnings.

apparently you're a little slow... no software is perfect... how is
error handling implemented? in software... ergo no error handling is
perfect... amazing, isn't it?

A personal insult, congratulations, you're distinguishing yourself.

Pre-release testing should eliminate most errors. Post-release
debugging should flag most of the errors that make it through the
previous process. If this is properly implemented, there should be
very few errors which escape unnoticed or unexplained. There is a
(subjective) probability threshold for an acceptable number of errors
in a piece of software, and NAV falls below my threshold.

If you'd rather make excuses for what is undeniably a vulnerable and
dangerous piece of software, go ahead.

my sincere apologies for the fact that you were duped and bought into
the *lie* of automatic protection...

Why should your apology be relevant? Unless you are responsible in
whole or in part for NAV, in which case I may have a few choice words
for you and your organisation.

automation of the type you seem to be expecting is actually called
snake-oil when it's promised, or a pipe-dream when it's requested...

If something describes itself as "automated", I expect that the
chances of me having to manually direct the process are low. I didn't
expect NAV to be perfect, but I didn't expect to have to intervene to
correct serious errors.

the amount of participation needed depends on the person, on how much
protection they want and what compromizes they're comfortable making...

How exactly do a user's actions determine how a product defines
itself? A spade is a spade, even if you choose to serve dinner on it.