Don't use SAV!!

| | Comments (0)

Today promised to be another fun day of removing viruses from machines. Except that at 4:30am, someone sent a malformed email to our mail server which crashed it. So I restarted it (when I heard the pager at 5:50am). Only to have it crash again a few minutes later. Lots of memory dumping type things happening on the screen. And what appeared to be a spam. Restarted. Crash. Repeat several times. At some point the email must have either gotten through or bounced, because the last time it crashed was 9:03am. But I had to sit and watch the thing most of the morning in case it crashed again. So that was fun.

Now we'd logged a call to IBM because the server was clearly having issues. They didn't have much to offer except upping the logging. Then late this afternoon they said "oh, yeah, there's been a stack of calls logged in the States as well, we're looking into it". Yay.

After lunch I thought it might be safe to leave the server and go and do some antivirus stuff. Except I failed abysmally. This one machine simply would not upgrade SAV, or even remove the previous (vulnerable) version. So I'm here to say right now, never use Symantec Antivirus!! It has to be the crappiest software I've ever had to deal with. Refusing to uninstall. Refusing to upgrade. Hanging on stopping services. Poor pickup of new viruses in the wild. Not to mention listening on ports to the outside world, and being buggy and vulnerable to buffer overruns!! The number of hours wasted simply *waiting* for it to do something and waiting for reboots.. we could have bought an entire new anti-virus system!! This virus has been doing the rounds for two and half days, and it took until this afternoon before its definitions recognised the system.exe file as a virus. Even worse is these machines are now riddled with spyware that SAV won't remove, even when it says it has removed the various trojans and spyware (or will after reboot).

If I ever had to make a decision on what anti-virus software to run, it would NOT be Symantec Antivirus.

Leave a comment

Kazza's "Boring Life Of a Geek" aka BLOG

IT geek, originally from Sydney, moved to Canberra in 2007. Married to "the sweetie", aka Stu. Prolific photographer, Lego junkie and tropical fish keeper.

Kazza the Blank One home