So I was having some issues with some programs that seemed suspicious to me at work and I wanted to scan the computer just to make sure everything was okay when I was working on some testimonial videos. We have Symantec Endpoint Protection but I had installed Spybot S&D because this computer is a spyware nightmare waiting to happen….
However, scanning with the Symantec Endpoint Protection requires an admin password. So I email tech support.
——-
Me: Hello!
You guys have Symantec Endpoint Protection on our PC’s however in order for us to run it ourselves it requires a password which I do not have. Either A) can I have the password to check for viruses intermittently or B) can you run it on the back office computer. Thank you 🙂
Derpette
Them: Derpette,
I am sorry we do not give that password out. It is an administrative password. You Endpoint software is running all the time so there is no need in most cases to run a manual scan. Is something happening on that computer that is causing you to be alarmed?
Please reply to this email so that we can have a better understanding of what is going on.
All Knowing IT Man
Me: Well I was trying to use a program to edit a testimonial video and my Spybot S&D popped something up about it but the endpoint didn’t. I scanned with the Spybot and got 36 spyware/malwares off the computer. So I just wanted to do a check. I got rid of the programs and wanted to just do a sweep to make sure everything was clear.
Thanks!
Derpette
Them: Installing multiple antivirus programs in not recommended. It can actually cause programs to not function properly.
All Knowing IT Man
————
-FACEPALM- I was about to return an e-mail stating the Spybot S&D was a Spyware/Malware remover not an anti-virus but…. It just hurt too bad… Just because I’m a woman doesn’t mean I don’t know what I’m doing. All I asked was for you to scan the computer because your software won’t let me do it myself.
Just another reason to support why I don’t use Norton/Symantec products on my computers.
We use Kaspersky on all of the 3000 machines we support.
Arghh i hate Tech guys like that, Im not sure why most Telephone based support seem to have an attitude attached to them, i like to lead them on pretending im stupid, then say something to scare them
Hmm wonder if it is really running as i have seen programs appear to run and not
It’s a bad idea to run any antimalware along with antivirus for the same reason that it’s a bad idea to run two antivirus programs side by side. They do low level scans, and can wreak havoc if they’re both running at the same time, to the point of crashing the machine, or even file corruption.
Endpoint’s not a bad program if it’s configured properly, because it’ll lock the machine down tight, to the point where it won’t allow you to run any programs that Symantec hasn’t signed off on. In this scenario, I’d be interested to see if the spyware/malware that was found was active and functional, or if it was just a bunch of tracking cookies or something of the like.
Yeah, spybot does a good job of scaring the crap out of its user(s) by flagging tracking cookies as potential malware/spyware.
While I would agree with your assessment at a rather basic level, the real problem is that most commercial antivirus programs don’t seem to be very effective against the common extortionware viruses. It seemed that Kaspersky, McAfee, and Symantec all ignored the “malware”, and it took Malwarebytes or Spybot to undo the infestations.
My pet theory on why that was the case is that, at a point, it’s hard to identify much of any difference between the hysterical, threatening popups that the commercial AV products make if you don’t renew your subscription and the hysterical, threatening popups that the extortion viruses hit you with if you don’t pay their fees. Therefore, the AV companies tend to respect their “competitors'” efforts as an honor-among-thieves situation or just realized that if they called such hysteria and extortion to be bad, well they were doing the same thing and peddling malware themselves.
I used to actually have “discussions” with one of the sysadmins who was responsible for maintaining our antivirus solution, he was adamant that an AV should not be expected to remove “malware”, and my contention was that it sure as hell should remove malware that edits system configurations, changes the flags on both system and user files, and otherwise renders the machine unusable in a malicious manner. Since we couldn’t get any traction on replacing the ineffective managed AV solution, the rest of the techs and I just kept wasting hours upon hours of time each week removing the extortionware from our end users’ systems.
Sounds like the IT man was some dude who they hired to quote the company line. He has no real IT prowess. I mean, he’s advocating Norton?!
Don’t you love tier one support?
I work for Symantec and wanted to clarify a couple points. Symantec Endpoint Protection is more than just antivirus and includes protection against spyware as well as other security measures. Also, SEP is always on and a manual scan shouldn’t be required. As other commenters have noted, multiple antimalware solutions can cause issues when running concurrently. I’m not familiar with Spybot S&D but it’s possiblethat it’s flagging things like tracking cookies (also suggested by another commenter). But with all that, I’m sorry you felt like your IT was giving you attitude. I’ve run into the same thing with other companies…like my health insurance. When I had trouble logging into my account and called support, his response was, “You likely have a virus.” I was trying to log in from my work computer…at Symantec. I bit my tongue instead of yelling, “Not likely, do you know where I work!!”