Symantec Launches Anti-Spyware Beta

daria42 writes "Symantec has launched the beta test version of its anti-spyware application, which will be sold from June as part of Norton Internet Security 2005. The company's Norman Kohlberger said the main aim of the new combined product was to make PC security as easy as possible for the end user. 'The computer is not a toy anymore. It has turned into a toaster and microwave -- it has become an integral part of the home environment,' he said. 'We have to reduce the complexity. People do not want privacy software, firewall, antivirus, spyware, adware and blended threats. The average individual is saying I don't want this anymore. Just fix it. What we are doing is reducing the complexity.'"

Why?

[alexandreracine]

Why they did not simply have put that in Norton Antivirus a long time ago? They sure have all the scanning tools!

Differences with corporate?

[Anonymous Coward]

Symantec has had spyware scanning and removal built into itscorporate version of Symantev AV for almost a year now. In my experience it has been fairly effective and its effectiveness has been increasing with every update.

I'd like to know if anyone can explain the difference between this new product and the corporate version that's been around for a while.

Whatever happened to Norton?

[Anonymous Coward]

The man, not the company. I saw him on TV when I was a kid, probably about 15-20 years ago, and he seemed like a real nerd's nerd. Now he's like Betty Crocker, just a brand name.

convenient for Symantec, too

[bodrell]

I briefly worked for a Symantec call center in the anti-virus division, and very often the call would consist of me telling people: "Go to lavasoft and download AdAware" because we refused to try and fix a computer loaded with spyware. Now, the call center people (relocated to India since two years ago) can tell the customers to buy Norton Anti-Spyware instead.

Symantec ain't all that....

[Himring]

I'm rather confused by their claims of anti-spyware incorporation. They stated to have it in SAV9.x and indeed I saw it finding spyware on machines -- and it did a poor job. Adaware and spybot always found more. Now, their marketing is like, "now with anti-spyware!" Uh huh, you've said that already.

Also, their installs are some of the worst to deal with. Their auto-uninstalls of their old products -- which occurs prior to upgrading -- is horrible. We had to spend tons of time writing our own scripts. We finally tried out Trend Micro and found that it did a better job of auto-uninstalling Symantec's products than Symantec did.

I'm still talking enterprise here, but Trend has a far better admin console than Symantec. Trend gives tons of information on each system. Symantec is childish by comparison. Trend reporting is far better too. Trend has more of a "build your own wheel" feel to it, but for sys admins it rocks. Symantec's roots are from the single, desktop computer and that's the feel you get for it as an admin. Administration is an afterthought. Trend seems to be built by administrators for administrators and I like it.

Besides all that, the answer to spyware isn't what Symantec would have you think -- namely, *them*. The answer is first: install Firefox (install it fool!) and ban IE. Second, make patch management a priority. After that, you can put gravy on it by removing root off workstations for users, but FF and PM are key. As a matter of fact, I argue that if you do those two things you just about don't even need AV -- especially doing Firefox. Hey, can you tell I like Firefox?...

Re:Challenge

[hendridm]

I don't think they need to charge "very little money," but $64 is a little steep for me considering it comes with only a year of updates.

I'd pay $64 for protection for the lifetime of the OS (which is what, ~4 years?) or a pure subscription of say ~$15/year.

I, too, don't like the separate products. And I don't understand what took them so damn long to include protection from spyware and other malware. I want it a part of Norton anti-virus - one program running that protects me, as you said. I think Symantec is late in the game on this, and they're entering a market that has free alternatives in it. I say add the functionality to NAV for free so your core product doesn't become irrelevant. To me, spyware should be treated as a virus (with the exception of maybe asking me if I want it quarantined instead of doing it automatically as with viruses).

Symantec Effectiveness

[wcitech]

When I got into the computer repair business, I installed Symantec products on almost every machine that came through my doors (if they weren't already equipped already). Now I am a strong advocate of AVG antivirus. I can't tell you how many times I've seen computers with Norton Antivirus that had a) up to date subscriptions b) up to date definitions and c) reported that the system was clean after scanning. Then, I'd uninstall Norton and install AVG, bamf, 6 viruses found.

If their spyware removal is as effective as their virus removal (lately), you'll equal luck trying to remove those rogue search toolbars with a blender.

Norton Antivirus does

[osssmkatz]

Spyware programs access the Internet a lot, and frequently via low-level calls. By monitoring what programs access the Internet, they can indeed know what spyware is on your computer faster than by scanning.

Their virus package does include support for 'expanded threats' including spyware.

But their antivirus engine is designed to assume 'all viruses are bad.' This new product can --and does-- tread more carefully. It tells you what programs will stop functioning if a given adware module is removed. (according to Symantec.) I do not touch Symantec's products, though it is getting more and more tempting.

If a company does good research, you think they could write good, lean, code without dependencies on TCP/IP. Uninstalling the program is a pain (for some), and manually uninstalling it without removing the TCP/IP dependency.. results in no Internet connection.

With XP's system restore, I would be willing to take more risks, and this is a 'beta' product, but still..

Re:Too late to the game

[cuzality]

Parent is right on. PHBs everywhere will glom onto the new Symentec product simply because it is Symantec. Meanwhile I have to suffer through parsing the entire Spybot Search and Destroy EULA every time someone else has a question about my using a "non-approved" piece of software on my machine. ("Freeware. It means I can use it for free. No restrictions. Even on a business machine. Read what it says!")

My experience is they create more problems than they solve.

I can't add to this from my own experience, but from what I hear from others, the Symantec suite can cause a lot of problems. My boss has had huge problems with it -- it dug itself in to the OS so deep that when it went, it took Windows with it, and even after multiple expensive calls to both Symantec and Microsoft his computer was still in tatters (so much for the "open source is no good because you must have commercial support!" argument -- haven't heard that one since). And I'm using separate free anti-virus and anti-spyware products (no suite!) and have never had a problem.

Norton is useless

[Sonar]

Norton is not even that good at detecting Viruses on a computer, how are we supposed to think that it will actually detect Adware also? I highly doubt it. I, like many others on this forum have found that AVG and Trendmicro do a much better job at finding viruses than Norton. I will also stick with Lavasoft's adaware and Microsoft's (Giant) Antispyware to tackle my customer's computer problems.

I work at a "mom and pop" type computer store. 80% of these computers that come in had Norton Systemworks installed, with the latest definitions. Yet still they are full of viruses that both AVG and Trendmicro's Housecall detects. The sad part is, the sales of Symantec's products are driven by the need for Best Buy employees to sell more product. So with every new PC they are telling customers to spend money on useless virus scanning software.

The fact is, the best virus scanning and adware scanning software is completely free. Without any hitches. So why would I want to pay for anything when the free product is better in almost every way?

I have also found that Norton fails to uninstall properly in many comptuers. They even have removal utilities to remove their software. I think that this is completely rediculous. If software can't be removed properly from a machine, I dictate that this is no better than Malware. So in essence, installing Norton on your computer is no better than installing Bargian Buddy.

Panda AV best in my lab

[woodsrunner]

I have had the opportunity to test AV in my lab, okay I worked in a computer shop... but I was able to crack some really infected machines..

Far and away, the best at finding viruses is Panda. Not only does it find on average two to three viruses that Norton's and Mcafee will miss, but it also doesn't bog down your system.

It used to be the lowest priced AV, and while this is no longer the case (probably due to the drop in the dollar -- they are Spanish, er Basque) it is worth the price. Their latest product -- Panda Platinum outscans most products for spyware: even webroot, Spybot and adaware. It also head and shoulders above any anti virus and includes a nice firewall (which I haven't tested, but if it is like their other products, it's the best)

I highly recommend their free online scan and would also recommend downloading a free trial of their software.

http://www.pandasoftware.com/home/default.asp

consumers think spyware = virus, and they're right

[SuperBanana]

Consumer says fix it, company says we've reduced the complexity, customer still sitting waiting for fix.

The customer is sitting there wondering why their "antivirus" (or worse, "internet security"...I love that one) software isn't protecting them from a self-installing, replicating program they didn't want installed, which crashes their system and/or slows it down. I've seen spyware/adware/malware act like viruses (modifying/inserting itself into DLLs and whatnot) and worms (searching for other systems to infect) and trojans (how some of them "hide" from the user in plain sight). Snooty computer scientists get all huffy when you call a spyware program a "virus", but let's be completely upfront here- spyware/adware is just a trojan/worm/virus with commercial purpose.

Every uneducated computer user whose system I've fixed for spyware has asked the same two questions: "why doesn't my antivirus software protect me from this?" (and indeed, the software is installed, definitions are current) and "isn't this spyware stuff a virus?"

Fact remains that for all the crap hype- in at least a decade, "antivirus" technology hasn't improved. Much/all of it is based off the good old standby- definition files. Those worked when viruses took weeks to spread. Now they spread in hours- or less.

My favorite story about how useless antivirus software can be comes from 2000, when one of the worms going around got right past our antivirus software on our mail server. We looked at the one that got quarantined, and the one that didn't- and for an hour or two, we couldn't find any differences. Only when I loaded both onto my powerbook and opened them in BBedit, turning on "show all hidden characters", did I see that one had carriage returns and line feeds- the other only had one (CR's, I think). Because of this very simple change, the worm got right past our antivirus software. How idiotic is that?

Re:Challenge

[AviLazar]

Norton probably has few problems on most computers except:

The disabling of Norton is a known issue. Many viruses target Norton first.

This affected one Dell Inspiron 9100, another Dell (i forget the model, but it was bought in October 2004, same as the Inspiron 9100), a Toshiba S901, and a AMD 2200 Desktop. My co-worker (a very bright systems engineer) also has seen Norton deteriorate over the years. I used to love Norton, used it for years. I would recommend it to everyone - and on occasion when it was disabeled I figured "oh some virus got me" or some such thing. But eventually it got to be too much. It was so bad that right after installation, after each boot-up i would get crazy errors due to Norton.

Timetraveller's Trouble

[woodsrunner]

Yeah, I doublechecked too (because you're post made me think I was turning into a bot), the only thing I posted more than once(and I wrote both posts separately) was my testing of search engines that found Yahoo to be the best at finding answers for VB and Access... I get hyper-puppy when I find things that go against the status quo. I apologize.

For full disclosure, while I used to sell a lot of Panda when I worked in a comuter shop, I wasn't on commission -- I sold it because it worked and I wouldn't have to fix their computer again. I haven't sold the stuff in about two years. Additionally, I don't use Antivirus software except at work where we have enterprise Norton's >> which isn't as bad as personal edition. Still, I'd rather use Panda's Enterprise, but I am just a coder not an admin.

I have downloaded the trial version of Platinum to fix a friend's computer and was impressed how it did what adaware, spybot and spysweeper couldn't.

Sorry about the sales pitch, but I am amazed that Panda is so unknown and I figured where better than an slashvert for Norton's to spout about!? It's a good tool for any tech.

See you at the MIT meeting.

Re:Whatever happened to Norton?

[Anonymous Coward]

Read about him in Fortune a year or two ago. He sold Norton to Symantec but licensed his likeness for a few years (hence why his picture was/is on all the boxes). The article estimated his net worth at $400 million and his main focus was in fine art these days.

It's not obvious when one is infected

[braindead]

You say: Of course a knowledgable user can tell if they have been infected with a virus or spyware!

Certainly. The last time I was infected (stoned? jerusalem? I don't remember). I could totally tell that I was infected. I mean, who could possibly miss the extra 25 cycles it took to start a program? And the extra 2k of RAM that had gone away?

That was a while ago, but I believe that there is still malware today (botnets come to mind) that are designed to not be visible. And it is certainly possible to write software that remains nicely hidden.

So unless you're running tripwire from a clean boot CD or something equivalent, I really don't think it's a matter of course that you can tell whether you're infected. Just because many trojans are badly done does not mean that all are.