Slashdot Mirror
Symantec Support Gone Rogue?
DigitalDame2 writes "PCMag Security Analyst Neil Rubenking has always praised Symantec's tech support. Lately, though, a number of readers have reported problems with chat support, so he investigated. Rubenking was trying to install Norton 360 version 3.0 on a malware-infested system when the computer crashed with a blue screen error. He connected with Symantec tech support and was told that they could fix the problem, but for a fee of $100! (Here is the transcript and screen-captures of the chat.) Even more, Symantec support suggested that he use a malware-removal tool that wasn't even made by Symantec."
They just went rouge?
At least they had him use a decent anti-malware program. I generally find symantec products to be more of a virus than most viruses, that crap is hard to get rid of once it's installed and doesn't detect much of anything.
Maybe the malware infected machine had a hacked hosts file and he was connecting to some site in Russia? Or some other way of redirecting the supposed chat session with "Symantec Support"
As a real-time scanner, it is pretty good, and the corporate editions are pretty light weight, but has symantec ever been useful as a repair tool?
The support tech sounds like he did right, despite the non-corporate policy of eating symantec's own dog food.
Anyone cleaning an already infected machine would start with malwarebytes or combofix before wasting their time with symantec's stuff.
Sounds like the tech who was helping him knew this.
The computer was simply too infected to allow the Symantec software to install. This is not an abnormal occurrence. Symantec offered to have an engineer remotely access the system and clean it, which naturally costs money, since you're paying for a person's time to fix your computer, in addition to the license for the software. Symantec can't guarantee that your Windows installation isn't too badly damaged to allow their software to install, and they just offered an alternative to telling him to take the computer to be serviced. This is a non-story.
There are scads of free options.
Try a linux alternative
Like this.
Or this.
Hell even an online scan may work well enough, http://housecall.trendmicro.com/
People still get malware, and still use Symantec products?
I want to delete my account but Slashdot doesn't allow it.
There is a major difference between offering defect support for software and offering services surrounding the software. Let's review the order of events here:
1) Customer is unable to install product on test environment. Receives BSOD.
2) Customer contacts Symantec requesting defect support. Per customer the product is not functioning as described on a test system.
3) Symantec's front-line support team misinterprets the customer's request for defect support. Instead, they believe the customer wants the system cleaned, regardless of whether a Symantec product is used or not. As a result, Symantec services are offered for an additional fee of $100.
4) End-result is one unhappy customer, and a heavily biased article criticizing Symantec support.
What should have happened is anybody's interpretation. But, during #3, at a minimum, the issue should have been escalated to the next level where an actual support engineer discusses a bit further with the customer to try to understand if they a defect with the product, something unique to customer environment, etc.
Conclusion: Front-line reps at Symantec need more training. Customer needs to work on communication skills to be clear when contacting defect support. Failure to communicate.
I had to help someone clean up a popup problem and Malwarebytes Anti-Malware (which is free) eliminated not only the adware but also identified and removed a trojan that an up-to-date Symantec Anti-Virus didn't even find. I was really surprised.
Actually Malwarebytes is free, the paid version just gives you "realtime protection, scheduled scanning, and scheduled updating".
Do you know why they call it Norton 360? Because when you see it, you'll turn 360 degrees and walk away.
My Name is M'tumbo Botswana, I am the spyware removal expert of Nigeria. Please to transfer sum of 100,000 US dOllar to bank account written below. We value your customership very very much. Thank you
Hello,
/MBR switch, SYS and so forth).
I have worked in the antivirus industry for about nine years (with about another nine years doing networking things), starting with the technical support department at McAfee Associates (now McAfee). Even in the late 1980s and early 1990s, there were times when we had to run other companies tools to assist in detection or removal of computer viruses, or to obtain a sample. Peter Norton Computing's Norton Utilities Disk Editor and Sybex' Teledisk come to mind, as do various Microsoft MS-DOS utilities (DEBUG, FDISK with its then-undocumented
A few years ago, I re-entered the anti-virus (or anti-malware, as classic replicating infectors account for a few percentage points of what is seen these days) industry and it was and is not uncommon for our technical support people to help people remove rootkits, various Trojan downloaders and other pieces of malware that are either not detected or detected and not properly removed by our own software. One thing we make sure of is to get copies of any objects like files and registry entries so that our virus lab can add detection (or removal) in a new virus signature database update.
Sometimes, customers do get upset when they are sent download links to a third-party tool to assist with removal because they assume that one tool will protect them against all threats, however, with the shear number of unique pieces of malware being released every day by organized criminal businesses no one tool is going to prevent, detect or remove every piece of malware, every time, even with the best heuristics and generic detection technology. This is something which all anti-virus companies have to deal with, not just Symantec. On the plus side, we just started deploying our own supplmentary tools to detect and remove threats that the mainline products do not, and that will help wean our dependence on third-party programs.
That is pretty much how things stand with recommendations for the use of third party software by anti-virus vendors, now.
As far as selling support goes, well, fifteen years ago it was not unusual to sell support contracts or service level agreements to enterprise customers offering them priority round-the-clock access to technical support. Free, unlimited support via telephone, fax, electronic means (email, BBS, CompuServe, et cetera) was provided, but it was on a first-in-line basis. That started to change in the mid-1990s when the anti-virus companies started to generate substantial revenue and get taken over by professional business people instead of engineers, but when a company becomes publicly-traded, it switches from being technology-focused to being focused on maximizing stakeholder value every quarter, and that means looking at things which cost money like having to pay salaries for support engineers and turn them into things which generate revenue. At that point, I was leaving the company, and really did not care what they did with my department. I have been told by a couple of people who stayed on after me said that Bill Larsen used to give motivational speeches like, "I would fire you if I could." and "I don't understand why we have to provide support to customers, after all, we've got their money." to the support staff, but even if they are not actual quotations, they certainly are reflective of the culture at that time. At a publicly-traded company, loyalty to the shareholders usually takes precedence over loyalty to the customers. Some companies figure out that customer loyalty actually translates into more value for shareholders in the form of increased revenue from license renewals, customers who purchase new products or services from the company, et cetera, but it seems there are plenty who are unable to make this evolutionary leap in understanding how their business works.
These days, my current employer does provide free, unlimited technical support via phone and electonic means and
Dexter is a good dog.
Michael Jackson can turn 360 degrees and walk away. Called the Moonwalk.
I give my usual spiel that the best protection is not to pay money for anything, it's hard to say it's worth it (Slowing down your system, possibly causing more crashes and program compatibility issues, and then only catching perhaps 90% of threats). Open-source or freeware tools will do just fine to actually scan and heal threats. Largely it's the users actions that are the initial problem. I then offer my time, for free, to teach some safe practices.
You can't just punch in your credit card number and expect adequate protection.
Mark my words, there are lots of botnet'd windows boxes that have full-paid anti-virus software on them running just fine. My parents had one of them. (problem was identified in the logs of their linux firewall). The solution was to wipe it, given them firefox with some add-ons and clam-av. Zero issues since.
If your machine is properly patched your very unlikely to be taken over by a worm attack. Following that, with the right software, your unlikely to be hijacked in your browser and then infected. With the right ISP you won't have spam and e-mail threats. It's down to how the user operates, and discouraging them from skipping virus scanning that keygen.exe when downloading warez. Largely it's browsing that's the problem. Firefox plus some add-ons, and a little bit of user coaching.
I really wonder in who's interests it is to keep users dumbed down on security matters. Which in todays world has become as important as locks and alarms on houses cars and businesses. It's protection of critical infrastructure.
Why pay a exorbitant monthly subscription for a security guard to stand outside your house, because your house is equipped with vulnerable locks and the occupants are poorly trained at keeping the doors closed when they go out?
In hindsight I should have modded as redundant the mandatory:
Install Linux
which is inexplicably modded +5 something.
If 90% of the world ran one Linux distribution we would still have a thriving ecosystem viruses, trojans (albeit on a lesser scale). Good design, transparency and rapid patching in OSS only goes so far, it's not magic immunity. There is also a fairly constant amount of problems between the keyboard and chair - now that will not go away. Windows is the most common, therefore the most attacked... is the statement that raises hackles for some. However it is the truth. In much the same way having millions of genetically identical crops/livestock in unnatural concentrations provides for massive outbreaks of everything from blight to foot and mouth disease. Likewise millions of humans living in close proximity results in plagues - the human immune system was not built for this. And so our information technology infrastructure suffers the same fundamental laws of nature, you have one monoculture of identical entities you invite pandemic infection.
So how do we live in 20-30 million person cities, and don't all get wiped out in two weeks by ebola? We have sanitation: we all get taught how to cover our mouths when we cough, cook food properly and wash our hands after visiting the lavatory etc etc and we have some sanitary measures to back it up, ie chemicals that can clense pathogens.
User education is the key. The first thing we can teach is to stay the hell away from clearly rogue companies. We can also stop beating redundant very tired drums.
After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.