Endpoint Protection

 View Only
Expand all | Collapse all

scan stopped by user

  • 1.  scan stopped by user

    Posted May 14, 2010 12:54 AM
    wen i right click on scan for viruses.....its shows me a message as "scan stopped by user"
    i have even enabled realtime protection...
    plz tel me wat to do?
    i really need 2 scan my pc immediately
    or mail me d solution at nikitajain117@gmail.com


  • 2.  RE: scan stopped by user

    Posted May 14, 2010 09:59 AM
    Hello,  since 2 days I do have the same problem as described above.
    Have checked free space on disk and deleted all temp files but nothing changed.

    Who can help?

    Your help is very much appreciated.

    You can also by mail: m-kirschke@foni.net

    Thanks in advance


  • 3.  RE: scan stopped by user

    Posted May 14, 2010 01:45 PM
    I run Symantec AntiVirus Corporate edition 2002 (build version 8.00.9374) in the stand alone, unmanaged installation on my PC that runs on XP with service pack 3.

    I discovered the problem described above yesterday morning (May 13) when my weekly virus update and system scan is scheduled.  Live Update DID occur but when the system scan began and the control box opened, the scan stopped immediately (with no files scanned) and the message "scan stopped by user" followed by the date and time appeared in the title bar.  All of the control buttons (restart, pause, etc.) are GREYED out and not functional except for the "close box" button.

    The only change that occurred to my PC was the download and installation of the most recent Microsoft Security update for Windows XP (KB978542) which is described as:

    "Microsoft Security Bulletin MS10-030 - Critical Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542)"
    (url: http://www.microsoft.com/technet/security/bulletin/MS10-030.mspx)

    I have tried uninstalling the security update; uninstalling - rebooting - reinstalling - Live Updating the antivirus application; doing a system restore point going back to the previous week - all to NO AVAIL.

    I have subsequently identified this same, exact issue on 3 other computers that run XP with sp 3 that had just installed the most recent Microsoft Security Update.  On each computer upon beginning a system scan, the scan box opens and immediately stops, displays the message "scan stopped by user" followed by the date & time and all of the control buttons are greyed out except for the close button.

    I would be grateful to any and all suggestions on how to rectify this situation.  As a newbie to this forum, I would appreciate if others would copy this posting to other sections of the Symantec and Microsoft sites that might give this matter prominent attention.

    Thank you,

    Bryan Pepper - email me at bpeppy1@gmail.com



  • 4.  RE: scan stopped by user

    Posted May 14, 2010 04:42 PM
    I'm currently having the same problem with this version of SAV with that recent update.  I also have a client running NAV2002 (NOT the corporate) and is having a crash on startup after the same update. 

    There seems to be a problem with the latest update.  I doubt we'll get much help from Symantec because the versions are no longer supported but maybe if someone from Symantec is reading this post, they could at least let us know what's changed to cause this.

    Please keep the thread updated if you get any information and I'll do the same. 


  • 5.  RE: scan stopped by user

    Posted May 14, 2010 07:38 PM
    ...but you are using 8 year old software.  Maybe time for an upgrade??  Also curious about using corporate edition software on a "standalone" PC...I did find a  Symantec support article:
    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/ef06f50fcab0ce1188256a2200272927?OpenDocument

    As you noted, this version isn't even listed on Symantec's support site anymore, so I wouldn't expect to see a fix for this.  The cost to upgrade to NAV 2010 is low ($40 direct from Symantec, you can probably get it cheaper), and the performance of this version has been widely commented on as being excellent (maybe even better than these old, outdated versions)!



  • 6.  RE: scan stopped by user

    Posted May 14, 2010 07:44 PM

    Yes, I'm aware of this.  The thing is I'm supporting a few clients on older machines that run specialized lab equipment and these systems can not be upgraded to XP.  So I've been trying to get them by using older versions (they do have a license for SAV corporate).  It's interesting because this same update is causing problems on the Norton (NAV 02/03, at least) side of things as well...


  • 7.  RE: scan stopped by user

    Posted May 16, 2010 05:26 PM
    This issue appeared on May 11, 2010 with vd315603.xdb.  You could try using the previous version from May 10, 2010: vd315402.xdb

    You can download the earlier XDB from:
    http://ftp.metu.edu/popular/virus-updates/symantec/xdb/





  • 8.  RE: scan stopped by user

    Posted May 16, 2010 06:15 PM
    This happend to me too.  The problem starts with VD315603 which was distributed on 11-May-2010 14:55.  I've tried an image without KB978542, but have still the SAME issue.  Once I installed VD315603 or later, any scheduled or manual scan fails.

    Here's a link to the last XDB that does work:

    http://ftp.metu.edu/popular/virus-updates/symantec/xdb/

    Use VD315402.XDB  10-May-2010 13:28


  • 9.  RE: scan stopped by user

    Posted May 17, 2010 09:52 AM
    I believe Symantec did this on purpose in order to force people to upgrade to newer versions and sell more subscriptions for updates. What better way than to disable something they no longer support to keep people from updating it.


  • 10.  RE: scan stopped by user

    Posted May 17, 2010 02:09 PM
    I also did everything BrianP did with the same results...after sys restore I tried the manual scan and was informed that it could not access the scan engine and to check if the program was installed correctly! Everything was just fine until my May 14th 4am scan. Let's see if "thatoldITguy" link works.
    I must agree with "Hope Udie"...Bill Gates has the same M.O....why not these !@#$% clowns...pax.


  • 11.  RE: scan stopped by user

    Posted May 17, 2010 02:23 PM
    No longer will my company be using Symantec or any of it's products.  There is no way this is anything but intentional.  We don't leave our customers high and dry and don't expect to be left that way by our vendors.  Those that burn us, lose us.  Cya Symantec.  And as for "KSchroeder, Trusted Advisor".  I find your earlier comment offensive and accusitory.  Not the kind of comment a "Trusted Advisor" should be making publiclly.


  • 12.  RE: scan stopped by user

    Posted May 17, 2010 05:04 PM
    Definitions are no longer tested against SAV 8, plain and simple.  That is what End of Life means. I do not think that there was an 'intentional' change to break the older program in order to get people to upgrade.  As for what changed... we add a lot of new detections with every passing day.  Any one of those could be responsible, unfortunately.  Sometimes there are engine updates (that did not occur at the time).  My point is that this could have begun failing on unsupported systems at any time since End of Life.  It is unfortunate... but true.

    The threat landscape has changed a LOT since 2001.  If you're using SAV 8 or NAV 2002, you are not fully protected against these modern threats.  This is not intended to be an offensive or accusatory statement; it is just a fact, and I don't think KSchroeder meant any offense by it, either.  All SAV 8 was capable of was antivirus, not even antispyware.  Using a security product this out of date should be a concern for any network security professional.

    sandra


  • 13.  RE: scan stopped by user

    Posted May 17, 2010 10:39 PM

    I liked the old SAV 8.1.  Sorry to see it go.  I dont like endpoint!



  • 14.  RE: scan stopped by user

    Posted May 18, 2010 11:14 AM

    sandra.g said "If you're using SAV 8 or NAV 2002, you are not fully protected against these modern threats."
     
    Am I to understand that there is some software on the market in which we could be fully protected against these threats?
     
    sandra.g said "All SAV 8 was capable of was antivirus, not even antispyware."
     
    I always found that weird.  From a computer science perspective how is spyware so fundamentally different that it couldn't be detected within the same definitions.  I suspect that it could.
     
    I understand that symantec is a for-profit company and that this software is fairly old (but up until very recently still relevant).  EOL or not, you should realize that people in the community are not going to be thrilled about needing to spend more money.  Maybe this will some day get fixed as unceremoniously as it broke, obviously we won't be waiting on that.
     
    As for me personally, I'm considering spending our money instead on a detection tool for known application vulnerabilities, limiting users to allowed applications, and using a well known FOSS AV program for scheduled scans.  I have a feeling that this strategy won't give me any larger of a headache dealing with malware than I've grown accustomed to.
     



  • 15.  RE: scan stopped by user

    Posted May 18, 2010 03:04 PM
    I just got this desktop (MS Windows XP Professional Version 2002 Service Pack 3) in January and it came with Symantec Antivirus Corporate Edition  V 8.1.0.825.  Please let me know how I can get this up and running again jlangfordgray@sbcglobal.net


  • 16.  RE: scan stopped by user

    Posted May 18, 2010 06:28 PM

    Could you elaborate further on your statement "I just got this desktop (MS Windows XP Professional Version 2002 Service Pack 3) in January and it came with Symantec Antivirus Corporate Edition  V 8.1.0.825"

    Did you buy this computer new? Was it provided to you by your employer?

    No matter what the answer is to either of these questions, SAVCE 8.1 is an outdated, obsolete product that is no longer supported in anyway and is not capable of providing the protection needed in today's threat environment.

    If you can't wrap your mind around that, there is nothing more to be said.

    MJD


  • 17.  RE: scan stopped by user

    Posted May 18, 2010 08:35 PM
    I understand the inplications of product end-of-life It's just a fact of doing business. But if Symantec was going to stop support altogether for a product or a particular release then ALL support including updates should cease. I find it extremely irresponsible for them to have stopped product compliance testing without removing the product from the definition update cycle. It is aparent that Symantec has released a virus definition update that broke a functioning product and placed hundreds, maybe thousands of computers still using the product at risk. I'll be giving my one remaining domain still running (now broken) 8.1 one shot at an overwrite upgrade to 10.0 and if anything goes wrong I am moving all my domains to another vendor's product. I am a one-person I.T. department working to support a struggling non-profit community based organization and fighting this ridiculous issue for the past five days was the straw that broke the camel's back. How much effort would it have taken to add a service denial message to live update and turn the 8.1 update functionality off at the end of the product's support life? If you can't trust one of the indsutry leaders in antivirus software who the heck can you trust anymore?



  • 18.  RE: scan stopped by user

    Posted May 18, 2010 09:23 PM
    I hear you there....I work on older systems running specialized equipement, and many of these systems can't run anything greater than Win9X.  While it's definately not the most secure system, running SAV 8 was better than nothing.  It's not like Symantec is losing a ton of money on these systems....they just can't be upgraded to newer software...and I personally use the latest software and that's what I recommend.  It was just nice to have something for these older machines.


  • 19.  RE: scan stopped by user

    Posted May 19, 2010 03:00 PM
    I discovered this issue, because I maintain an older machine used verify that websites render properly for older browsers.  Not a problem for me, because the box can be re-provisioned easily if infected, and I hold multi-user licensed versions of other antivirus software as well.
     
    However, I am deeply troubled by the way this was handled. No warning, just failure to protect.  Believe it or not, people do run older systems for specialty applications,  and failure to give warning before pulling the plug is just unethical.
     
    So yes, I will be reevaluating whether or not I want to recommend Symantec in the future.


  • 20.  RE: scan stopped by user

    Posted May 19, 2010 07:28 PM

    I can't believe the number of people complaining about this.  Get a clue people.  SAV 9 isn't supported anymore let alone SAV 8.  They stopped selling licenses for this software years ago. 


  • 21.  RE: scan stopped by user

    Posted May 19, 2010 07:42 PM

    Seriously?  Get a clue people?  If we wanted a lecture about old software we could have read any of the prior comments where folks point out the obvious or the two other threads about it over at the Norton forums.  We're working with old equipment running on old systems just trying to keep things running and get some support from one another.  Obviously we know the risks.  We know it's old.  I don't think "don't you know SAV 8 is old" bears any further repeating.


  • 22.  RE: scan stopped by user

    Posted May 19, 2010 07:44 PM
    I agree cayman. To me it is like someone going to the Microsoft forums and complaining that Windows 95 is causing a BSOD on their machine and expecting microsoft to fix Windows 95....it just doesn't make sense. I don't know really what else to say on this subject.

    Grant-


  • 23.  RE: scan stopped by user

    Posted May 20, 2010 01:32 AM

    No, it is like MS disabling an unsupported opsys under the guise of an upgrade.
    No one would fault Symantec for no longer supporting the software.    Everyone in the previous posts has stated that - read the posts again.

    No longer supporting 8 yr old software  = expected
    Disabling out of date software on update = unethical

    Do you not see the difference?




  • 24.  RE: scan stopped by user

    Posted May 20, 2010 04:40 AM
    Actually it is nothing like MS disabling an unsupported OS.  When you buy a copy of Windows from MS the sale is essentially final.  When you originally bought SAV 8, it was for a set amount of time.  (1 year, 2 years, etc.)  After that amount of time passed, you were suppose to stop using the software or purchase a renewal and/or upgrade.  Obviously everyone in this thread is not under contract to use SAV 8.  When you buy an antivirus product, what you're essentially paying for is definitions.  This is why most AV software companies will allow you to upgrade to the latest version of their software even if you just bought the old version.   (Ie, if you bought NIS 2009 from a store today you could upgrade to NIS 2010 for no additional cost.)  The bottom line is that you're not paying for the definitions now, so you have no right to complain when they stop working. 


  • 25.  RE: scan stopped by user

    Posted May 20, 2010 02:35 PM

    No longer supporting 8 yr old software  = expected
    Disabling out of date software on update = unethical

     

    " Please don't forget to mark your thread solved with whatever answer helped you "

    I don't think this thread will ever get solvedangry


     


  • 26.  RE: scan stopped by user

    Posted May 20, 2010 02:56 PM
    Your assuming that we "complainers" dont have a current license.   For example I own Windows 7 licenses to cover all of my computers, but they run Windows XP.  "Downgrading" is common place when the situation calls for it.  I'm just not ready to have Microsoft or Symantec dictate to me when I HAVE to upgrade my hardware or software to support their more complicated systems.  And for my mission - XP is working fine.

    Eventually I will upgrade, but it should be at time of my choosing, not forced upon me by some software vendor.

    By the way - I have a license to SEP 11 for every one of my computers . 

    ThatOldITGuy.



  • 27.  RE: scan stopped by user

    Posted May 20, 2010 05:52 PM


  • 28.  RE: scan stopped by user

    Posted May 20, 2010 06:18 PM

    Ive said it in the other threads and I'll re-state it here. SAV 8 is not designed to process the size of the definitions files of today. You are lucky it worked as long as it did. It finally broke. Nothing was done intentionally, what all of the SAV 8 users are experiencing should have happened years ago. No-one's forcing anything on you except you at this point. Not trying to be a jerk, it's just the reality of the situation.


  • 29.  RE: scan stopped by user

    Posted May 20, 2010 06:20 PM

    There are no solutions supported by Symantec because the product is no longer supported. Please do not state there are any Symantec supported solutions for this issue, as there are not. Other than upgrading to SEP or SAV 10


  • 30.  RE: scan stopped by user

    Posted May 21, 2010 12:08 AM
    Yep - it works - at least for a manual scan!  Cant make it work for a scheduled scan though.  I had to create keys and dwords that weren't there (the reason I missed it before), but if you do this it does work.  This might save you some typing:

    Windows Registry Editor Version 5.00
    [HKEY_CURRENT_USER\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks\BootScan]
    "ScanBootSector"=dword:00000000
    [HKEY_CURRENT_USER\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks\Default Scan Options]
    "ScanBootSector"=dword:00000000
    [HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion\LocalScans\ManualScan]
    "ScanBootSector"=dword:00000000
    [HKEY_USERS\.DEFAULT\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks\BootScan]
    "ScanBootSector"=dword:00000000
    [HKEY_USERS\.DEFAULT\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks\Default Scan Options]
    "ScanBootSector"=dword:00000000

    Of course, Symantec has made it very clear that they do NOT support this or the continued use of this decrepit program.

    Good Luck

    ThatOldITGuy.

     


  • 31.  RE: scan stopped by user

    Posted May 21, 2010 02:01 AM
    i too have been battling this dragon since yesterday's update, but alas, after i worked the registry and confirmed it here.

    nice work, ThatoldITguy, but for me to get it to work i had to add the following line:

    [HKEY_CURRENT_USER\Software\Intel\Landesk\VirusProtect6\CurrentVersion\CustomTasks\Default Scan Options]
    "ScanLocked"=dword: 0x00000000 (0)



    cheers!

    b





  • 32.  RE: scan stopped by user

    Posted May 21, 2010 01:36 PM
    Hey Symantec -- using the deceptive phrase, "Scan stopped by user" is a terribly misleading way to confuse already overloaded IT folks into going down wrong paths toward a solution. What a waste of precious time and resources! Come on, Symantec- who made this foolish decision and created more headaches for the IT community? You used to be a trusted, respected organization that provided a true sense of security, a company and product IT teams could rely on to be backing us up 24/7. But this latest distraction goes against every tenet of cooperative teamwork. We've spent two days trying to figure out what the h3ll "scan stopped by user" could mean suddenly went wrong with our operating system, your software, or our border defenses etc. It turns out we burned up all this time and effort because our supposedly trusted ally in the war on evil needlessly tripped us up!

    Look, why couldn't you have simply inserted a stop command with an intuitive phrase like, "We're sorry, due to circumstances related to EOL support terms this software will no longer update properly." That's all. That's all we needed to avoid the extra headache the last few days. Was that too much to ask a world-class IT company to do?

    And, to all those "Holier-than-thou" experts out there who are so quick to criticize for not upgrading to later versions: there are many business environments in warehouses and fulfillment operations that are running older hardware and programs that simply cannot be upgraded without considerable financial commitments. The current economic situation prevents us from spending money (payroll??)  -- when our ops run fine as they are (assuming our "partners" don't trip us up like this). Also, this AV software is not the only tool in our kit so we are still reasonably protected. We use Process Guard on older machines, for example, that kicks @ss and offers far more in overall protection than any AV software. But, out of several tools that we use, Symantec is the only one that has ever tripped us up in this fashion. SHAME ON YOU GUYS - If you want to shut down the definition updates for the GOLD software licenses we purchased (that originally stated lifetime unlimited updates in the EULA, by the way) so be it -- but do it in a professioanl way that doesn't hurt us until we can afford to, and deal with upgrading!  Boo hiss.  :(

    [truthful missive stopped by user]

    - Pissed in northern CA




  • 33.  RE: scan stopped by user

    Posted May 21, 2010 01:41 PM
    Your reg hack worked great (for manual scans anyway) - I only needed the first three keys to get it working again. Gold 8.0


  • 34.  RE: scan stopped by user

    Posted May 21, 2010 05:08 PM
    Ive said it in the other threads and I'll re-state it here. SAV 8 is not designed to process the size of the definitions files of today. You are lucky it worked as long as it did. It finally broke. Nothing was done intentionally, what all of the SAV 8 users are experiencing should have happened years ago. No-one's forcing anything on you except you at this point. Not trying to be a jerk, it's just the reality of the situation.

    I would also like to see someone copy and paste the portion of the EULA that states you are to receive definitions for life, as I don't recall that being in there the last time I looked at it. The point of renewing your contract is to also renew your ability to download and install definitions for another year and receive technical support for the product. I don't recall any time that Symantec has offered definitions for life on any products.


  • 35.  RE: scan stopped by user

    Posted May 21, 2010 05:16 PM
    You can't just Use WIndows 98 and Windows 95 forever..Even though they were very stable, good and User-Friendly Operating Systems..

    SAV 8 might look good and stable but that's not what is expected from a Antivirus today..It was best software back then..

    Today Malware and Threats have become more than Legitimate files and are more complex for a simple SAV 8 to handle..As a Software grows old and Famous its hacks get more famous..
    So its very easy to disable\bypass SAV 8 for a Malware Scripter..

    There are more than hundred of Vulnerabilities in that version which very obvious will not be fixed as it was fixed in SAV9,10 now 11.

    What Kyle (KSchroeder, Trusted Advisor ) said above was nothing wrong..
    In the forums from looking at a user's comment how can anybody say if he is a home user talking about his old desktop or a AV admin handling thousands of computers.
    So what we suggest is at a very basic level and it doesn't mean we are forcing anybody we are just suggesting.

    Applying Hacks might help you to do manual scans however there are many Freewares available on the internet that do the same which included latest scan engines..

    Now SAV 10 has come to End of Life as its not able to handle next generation Threats are are much more advanced and need strong heuristics

    So If you are really interested in Security then you should always use the latest version with latest patch with latest definition..


  • 36.  RE: scan stopped by user

    Posted May 21, 2010 06:25 PM
    PASTED FROM ABOVE:
    "Look, why couldn't you have simply inserted a stop command with an intuitive phrase like, "We're sorry, due to circumstances related to EOL support terms this software will no longer update properly." That's all. That's all we needed to avoid the extra headache the last few days. Was that too much to ask a world-class IT company to do?"

    Of course old software breaks over time, regardless the task it's designed to do. The computing world is not a static environment and variables change around it (with AV i.e. threats, angles of attack etc.) That's why Process Guard is so helpful, especially in older OS's. No way would I rely on outdated AV software alone. But, sometimes economics dictate and the typical mindset at many SMB companies is, 'If it ain't broke, don't fix it." This is due to tight financial resources, often resulting in smaller IT staff, which means we're stretched thin enough already.

    I'm not denying your logic re the EOL issue - it's the way Semantic handled it that frustrates me. Shouldn't IT departments help each other resolve problems instead of CREATE them? (See paragraph #1 above.)




  • 37.  RE: scan stopped by user

    Posted May 21, 2010 07:32 PM
    I read your post thouroughly. Regardless, I can assure you that Symantec didn't do anything on purpose to break SAV 8 with that set of defintions. The product never should have been working with them since EOL was declared in the first place. That's the bottom line. The definitions are no longer tested against SAV 8 or 9 for that matter, so there was no way of knowing which update would break it. This one did evidently.

    There are other posts on this subject which discuss the very public notification Symantec released when SAV 8 and 9 reached end of life. Nothing was purposly hidden or held from the public regarding the loss of functionality of EOL products. There were no sneaky or underhanded plots put in place to mess with everyone using our EOL products. This was just the straw that broke the camel's back so to speak.

    As far as notifying users about loss of functionality with those EOL products goes, it's there on the web site for all to see.

    Here, see for yourself:

    http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=savce

    "Symantec Antivirus 8.0 reached its End of Support Life as of November 30, 2005 and Symantec Antivirus 8.1 reached its End of Support Life as of January 31, 2007, as defined in the Symantec Enterprise Technical Support Policy. Therefore virus definition updates are no longer supported for this product.

    Symantec Antivirus 9.x will reach its End of Support Life as of March 31, 2009. Virus definition updates for version 9.x will be discontinued on April 1, 2009. Please contact your account manager or reseller for information about our current shipping versions."


    While I can understand the situation is frustrating, it is what it is.


  • 38.  RE: scan stopped by user

    Posted May 22, 2010 01:41 AM
    The only way I'm comfortable with any Symantec, McAfee, AVast, etcetera product is if it's installed on a virtual machine on my Macs.

    That way, whenever some malware has completely violated my machine again, I can just roll-back the version of XP, or Windows 7 and with it roll back the malware, and the "sudden failure" of any software....  

    Since you really have zero confidence of protecting your computer once it is breached, it seems to me that it's all just a big joke designed to have people buy dual processor just so that one of the processors can run virus scans all day...  

    It is interesting, though, that a virus definition would "break" the software and a couple registry edits would fix it.


  • 39.  RE: scan stopped by user

    Posted May 22, 2010 02:03 AM
    I can see that the Registry hack deactivated the entire Boot Scan.  I am guessing that is not what was broken but one of the definitions of the boot scan that broke the boot scan.  So it seems like Symantec hasn't been malicious....  :-)


  • 40.  RE: scan stopped by user

    Posted May 22, 2010 05:45 PM

    I never intended to imply that Symatec was somehow being malicious, or otherwise intentionally doing harm. What they are doing, however, is misleading scores of fellow IT folk by breaking their software without providing clarity, thereby creating headaches in troubleshooting and wasted resources. When we encounter a dysfunctional machine (whether protected or not) the only course of action is to begin troubleshooting, which requires precious time and effort. We don't know initially if the machine has an infection, the OS has been corrupted, a hardware issue has occurred, user error etc. All we know is something has occurred and the computer is malfunctioning. The general phrase, "scan stopped by user" is so unintuitive that I have no clear direction in troubleshooting. Is there a virus that has disabled the AV program? Is there a new permissions issue unrelated to Symantec? Is there a patch that has broken the software? etc. etc. (In this case the latter being the case.) A small software company may not have the insight, experience and resources to cover all the bases. But, one would think a corporation the size of Symantec would.

    Once again:
    "Look, why couldn't you have simply inserted a stop command with an intuitive phrase like, "We're sorry, due to circumstances related to EOL support terms this software will no longer update properly." That's all. That's all we needed to avoid the extra headache the last few days. Was that too much to ask a world-class IT company to do?"


  • 41.  RE: scan stopped by user

    Posted May 23, 2010 05:27 PM
    Thank you ThatoldITguy for the registry change info that you posted above. I did it and it does allow me to manually run Symantec Norton Anti-Virus Corp 2004 edition on my computer and perform a scan. I see that it is basically a copy of what Symantec posted at  http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/ef06f50fcab0ce1188256a2200272927?OpenDocument&Click=
    If I could simply make a suggestion that if a person simply goes to
    Start / Run / regedit / OK
    Then does   EDIT / Find /      ScanBootSector
    and for every instance found by hitting the F3 button (about 12 of them were on my computer) you simply change the value in the registry from 1 (one) to 0 (zero) that both "manually scan your computer" and "scheduled scans of your computer" will work. Changing the value from 1 (enabled) to 0 simply disables the Norton Symantec Anti-virus program from being able to scan the C drive's boot sector. Hence it stops it from erroring out.
    Please note that Fraigan posted above that the ScanLocked registry value may also have to be set to 0 (zero) but I did not have to do this because it was already set to zero.
    Lastly for all those getting upset over those of us using older versions of Symantec Anti-Virus (SAV) or Norton Anti-Virus (NAV), please realize that us IT guys use the corporate edition of NAV or SAV which can be used on multiple computers and can receive virus updates for years without changing or updating the original program. Also realize that many times this corporate edition was placed on a Win98 PC which does not allow the updating to the newest version of Symantec Anti-virus. The reason that someone is still using a PC with the Windows 98 operating system is truly irrelavant but to appease those reading this, there are many such as: The Win98 machine may be using ISA slots for IC programmers, Voice mail cards, etc. The Win98 machine may be interfaced to a piece of machinery where the cost to upgrade is either too costly or simply not available. The Win98 machine may be used with an old program application where the OEM (original equipment manufacturer) is out of business. OR it may simply be a case of "If it isn't broken, don't fix it!" In any case, there are many reasons why someone may be using an old version of NAV and not want to upgrade. The PC it is used on may never or rarely be used on the internet, possibly just to run a manufacturer's program application update, hence it needs only basic protection. Lastly, many individuals simply hate to consistently pay out money for reaccurring expenses. i.e. cableTV, satelliteTV, phone company,etc. And it is more irritating when those expenses are for something that expires for no reason or simply too often. i.e. drivers license, car inspection, car registration, auction sniping software, coupons, gift cards, etc. Most people feel that when they purchase something like a fridge, washer, dryer, alarm system, TV, VCR, DVR, etc. that it's a one time shot until the device breaks. Most individuals reading this would be highly upset if their alarm system or refridgerator stopped working at the end of a year or any specific time period (known as EOL End of Life) and they were FORCED to pay a fee to make the alarm system or fridge work again. Not to mention how upset they would be to find out their house was robbed or food was ruined in the fridge or, in this case, that their computer was recently vunerable and possibly infected with viruses.


  • 42.  RE: scan stopped by user

    Posted May 24, 2010 05:56 PM

    Addressing your last paragraph. 1. The computer was exremely vulnerable to viruses regardless if the definitions were current and/or working or not. SAV 8 isn't qualified to protect systems from the threats of today. 2. Appliances do have a limited warranty period (1 to 3 years on average), as well as most anything you buy today does. If said appliance breaks after the limited warranty (EOL) is up, guess who's paying to get it fixed? You, the owner of the appliance. No-one here is being forced to do anything because Symantec didn't break the product, it broke itself. It should have broke itself years ago. 

    You have to keep in mind that this software was created almost 10 years ago, not last year. That's a pretty good run for a version of software. I have paid for plenty of sofware that was supported, or provided free upgrades for "life". Well guess what. That software isn't around anymore. Why? They moved on and made versions that work with newer OS'ses/hardware or simply stopped making it alltogether. Did I expect it to work on my system for "life", or them to continue update it after they stopped making said software? No. One must understand that the term "life" in the software world means the life of the product. Not one's lifetime.


  • 43.  RE: scan stopped by user

    Posted May 24, 2010 06:57 PM

    Inserting a new error message into a program that has had no development or updates for years, for a problem that couldn't possibly have been accurately predicted (though honestly, not unexpected) because definitions are no longer tested with it?  I don't mean to sound snarky, I really don't, but...

    Just to be clear, this was not a patch to the program SAV 8.  This was a definition set intended for currently supported versions of antivirus and antispyware (SAV 10 and the SEP family).

    sandra


  • 44.  RE: scan stopped by user

    Posted May 25, 2010 02:37 PM

    When I searched my registry for the values mentioned in the technical article they didn't exist at all so I constructed the reg hack to create the missing keys and dword values.  Your version may be different though.  Like you, I found the ScanLocked value already 0, but others may have this locked - so it's really all good info.

    To my fellow IT managers here's my parting comments:  I've moved on.  Symantec Etal, is right to point out that the threat landscape changes daily and relying on a program 10 years old is risky business.   The fact the program continued to run until May 10, 2010 is a testament to how will it was designed.

    The SAV 8.1 system was a dependable "lean, mean anti-virus machine" - perfect for those resource strapped, dedicated machines with minimal or managed threat exposure.  Unfortunately, after ten years of attacking, sophisticated hackers have finally figured out how to disable it.  Symantec can't openly admit this, but if you read between the lines it's clear.  I believe this has gone unnoticed because not all attackers are that sophisticated.  But you can expect more and more attackers will learn how to simply shut it down.  Are you really protected if a zero-day virus can simply shutdown the antivirus service? 

    I've been working with 10.1.9 (aka 10.2, but I think 10.2 is for Vista only), and it's almost as lean as the old 8.1.  There are very little differences in the user interface (look & fee) so this is really not an issue.  You do have to contend with "doscan", but another reg hack can disable it if you really cant live with a slow computer for the first 5 minutes after a boot.  I've just accepted this as a "cost of doing business" with old systems.  I have SEP 11 and didn't have the 10.1/10.2 media so I just called Symantec support and they gave me a temp key to download it.

    Hopefully by the time 10.x is EOL, symantec will have updated LiveUpdate to give a more meaningful error message then "Scan stopped by user".  LiveUpdate should simply refuse to install definitions that cannot be supported by the installed av engine.  While Symantec might not want to support SAV 8.10 with a patch - it seems they could easily have avoided this entire issue with a smarter LiveUpdate and a more focused error message.

    Good luck!

    ThatOldITGuy.
     



  • 45.  RE: scan stopped by user

    Posted May 25, 2010 03:25 PM
    Ya, sure, fine, Ted G..Aren't you late for a meeting somewhere?
    The fact that the program runs with the new definitions after the registry hack kind of foils your point, wot?
    In the end people, it's all about the money. Don't fool yourselves people.


  • 46.  RE: scan stopped by user

    Posted May 25, 2010 03:59 PM
    @ Equine,

    When your system and /or network become compromised, then you will understand the value of staying current with your computer security solution. This issue has nothing to do with money, but everything to do with staying ahead of the bad guys who write the code that infect millions of systems yearly.

    Thomas



  • 47.  RE: scan stopped by user

    Posted May 25, 2010 04:27 PM

    Nice forum name, obviously from the tone of your post it applies in your case.





  • 48.  RE: scan stopped by user

    Posted May 25, 2010 05:41 PM
    I am glad you're having success with 10.x (you're right, 10.2 is the Vista code-base only (unsupported on Windows 7), otherwise it's 10.1.9).

    I just wanted to clarify that it is not LiveUpdate that generates an error message when trying to do a scan (in this thread's case, right-click/contextual).  LiveUpdate updated the defs, which in turn caused the EOLed program to malfunction (because... well, we know why :) ), which in turn caused the scan not to work.  The program didn't know what caused the scan not to work, hence the unfortunately generic message.

    Thanks,
    sandra


  • 49.  RE: scan stopped by user

    Posted May 25, 2010 05:54 PM
    You would be surprised how many people come to this forum (and others) asking for support with their pirated software.  "Standalone PC" set of a red flag in my mind, and SAV CE was a frequently pirated app (see the posting below for a user who "just bought" a PC with XP SP3 and SAV CE 8.x installed).  So my apologies if my questioning of the legitimacy of your install offended, but I stand by my statement that expecting 8 year old software (particularly one which has EOL'd and is an app which now is considered by many to be "subscriptionware") to continue to work is a bit ridiculous.


  • 50.  RE: scan stopped by user

    Posted May 25, 2010 06:56 PM
    The current virus definition sets released daily are no longer tested against SAV 8.  I don' t know how much plainer to put it: since it is no longer tested, there was no way to know it would break SAV 8.  This was not an intentional disable that deserves being branded 'unethical'.

    sandra


  • 51.  RE: scan stopped by user

    Posted May 25, 2010 07:03 PM

    The KB touting the 'supported solution' may resolve the immediate issue--a solution, BTW, that was intended for the given cause of low disk space and low resources and a document that was written in 1999--but the fact remains that on a program this far out of support, something else could come along at any time without notice and cause more problems, with or without warning.

    sandra



  • 52.  RE: scan stopped by user

    Posted May 25, 2010 09:46 PM
    Sandra,

    OK, we'll continue to go in circles on this.  In programing terms, SAV 8.1 suffers from a "Data Sensitivity" issue.   The program has not changed, but the data (Virus definitions) has.  So we can go in circles about whether the problem is caused by bad data or by a bad program.  I'd rather not.

    I understand that Symantec does not want to work on the old code of SAV 8.1 and produce a patch.  Very reasonable to me.  We disagree on what Symantec could have done - I think Symantec should have (and again in the future) update LiveUpdate so as to not effectively break the av engine by giving it data (virus definitions) that will induce the data sensitivity error and leave the unsuspecting user defenseless.

    I don't think you realize how lucky it was that I had even stumbled on to the "scan stopped by user" issue.  I rarely run a manual scan.  I also don't check the SMC logs nearly as often as I should.  It could have been weeks before I would have figured out that I was unprotected and not scanning at all.  If LiveUpdate stopped installing updates even the old SAV 8.1 would eventually (30 days by default) pop-up a message saying the defs were out of date - forcing further investigation.  But at least the scanning would have continued (albeit with old defs).  Not quite defenseless.

    I can safely predict there are thousands of users that don't enjoy my dumb luck and still do not know that their scheduled scans are not running.

    I may have moved on - but this isn't going away for Symantec.  For months and maybe even years users with old AV engines will be popping up trying to figure out the cause of "scan stopped by user" - or worse, how their computer got infected even though their defs are up to date!  I would think Symantec would want to be more proactive with this by updating LiveUpdate.  Heck, it could be good for business.  You might sell some upgrades and quiet the ringing phones....

    Good Luck!

    ThatOldITGuy.


  • 53.  RE: scan stopped by user

    Posted May 26, 2010 01:40 PM

    ..is what started this thread.  It is a valid question.  There have been some valid responses, too!

    I got TO this thread because I have the same problem.  I use the corporate edition NAV.  I use it on a standalone PC even.  The product was purchased by the corporation by which I am employed. 

    I appreciate the boot sector registry edits that were provided.  Thank you.

    Unfortunately, a lot of whining, fussing, excuse-making, and finger-pointing have made a mess of things. 

    I understand the 'EULA' concept..nobody wants to have to take care of a 'thing' forever.  Still, the way this error came about could have been handled considerably better.  Saying 'We told you so!' is pathetic.

    Simply stop the capability of an update process.  'Scan stopped by user' is a ridiculous way to handle it.

    The reason I still used the product is because it is fairly effective.  I understand what it does and does not do.  If I expected it to 'protect' this machine from EVERY 'threat', I could as sensibly expect it to wash my vehicle twice a week.

    Sure.  Newer products from Symantec exist.  I don't use them for a reason...that being I have TRIED to use them, found them to be hopelessly UNuseable, which led to their removal from this machine....or from the machine of the poor schmuck that mucked up THEIR machine with it and couldn't get RID of it.

    I concur with the majority of complaint against Symantec noted here as to how this problem came about in the first place, how it was handled.  As for all of the, 'Oh YEAH!  Well, YOUR mother wears COMBAT boots!' silliness and other excuses? 

    Methinks thou doth protest too much.
     



  • 54.  RE: scan stopped by user

    Posted May 26, 2010 01:50 PM
    SCAN STOPPED BY USER --SAV8 and NAV2002 is Dead

    Well..I think there is no END to this discussion and whatever explanation and Tweaks were possible has been given on this thread..
    But continuing a pointless RANT doesn't make sense.

    SCAN STOPPED BY USER

    Symantec din't do anything to break it and it doesn't have any control over this software. It shares the same definitions as other Symantec products so it was receiving it till date.
    However it got something that it din't expect and broke even the software din't know why it broke so it gave a error message that it was designed to do.

    If it would have been SEP or SAV 10 the definitions would have been tested with the software but nobody cares about that old software so obviously it was not tested..neither will be fixed as Symantec forgot about it a long ago.

    SAV8 was coded 8 years back and it din't know it will get a def one day that it will break and it should give exact error. So no use blaming the error message as well.



  • 55.  RE: scan stopped by user

    Posted May 26, 2010 01:57 PM
    Folks,
     
    In order to evolve our core engine code and virus definitions to stay on top of the ever-changing threat environment, changes and improvements are constantly being introduced into our main product and virus definitions code.  To that extent, we are not able to ensure backwards product/definitions compatibility beyond our End-of-Life (EOL) policy.

    One of the main reasons we EOL a product on a specific OS version is because the OS vendor no longer supports a particular version of the OS.  Once the OS vendor terminates their support of an OS version, the OS vendor no longer patches and maintains that version for new security vulnerabilities that are identified.  At that point, Symantec can no longer team with the OS vendor to ensure the expected level of security for the specific OS versions so we also EOL support for those older versions of the OS.

    Symantec’s EOL policy is to send out EOL notifications to all registered customers 2 ½ years prior to the version’s final EOL date.  That EOL notification is repeated at different intervals up to 1 month prior to the final EOL of a product version.  We are very sorry if you did not receive the product versions EOL notifications as described above. 

    So that you can maintain a high level of security within your current environment, we recommend that you work with your local IT department to upgrade the system(s) in question to both OS Vendor and Symantec supported versions of the Operating System and associated Anti-Virus versions.

    Best,

    Eric