Is Malware Targeting Norton???

Discussion in 'other anti-virus software' started by kdcdq, Apr 1, 2012.

Thread Status:
Not open for further replies.
  1. kdcdq

    kdcdq Registered Member

    Joined:
    Apr 19, 2002
    Posts:
    657
    Location:
    Southwestern Massachusetts
    I am just making an observation: every system I have disinfected in the last two months (more than 20) have all been running some flavor of Norton. o_O

    Is anyone aware of current malware that is targeting systems with Norton on them??
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Norton is very popular, especially among business computers (nice targets for malware.) While Norton isn't necessarily being exploited you can bet that malware authors make sure their payloads bypass Norton's protections before releasing it.

    That... and I've never been too impressed with Norton's protection.
     
  3. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    No more than any other AV. It doesn't help if Norton flavours were old or not regularly updated.
     
  4. kdcdq

    kdcdq Registered Member

    Joined:
    Apr 19, 2002
    Posts:
    657
    Location:
    Southwestern Massachusetts
    Yes, most of the infected machines were running 2010 and 2011 versions of Norton. :ouch: Several, however, are running various 2012 flavors....:p
     
  5. shanep

    shanep AV Expert

    Joined:
    Sep 10, 2008
    Posts:
    54
    Hi kdcdq,

    Thanks for pointing this out. What kinds of threats are you finding on these machines ?

    Thanks,

    Shane.
     
  6. kdcdq

    kdcdq Registered Member

    Joined:
    Apr 19, 2002
    Posts:
    657
    Location:
    Southwestern Massachusetts
    I found various forms of adware, spyware, viruses, trojans, and one rootkit on the infected machines. No one machine had more than five infections. Fortunately all of the machines are now malware free (so we hope)...:rolleyes:
     
  7. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,219
    Unfortunately an antivirus alone (Norton nowadays is among the best available) is not enough, another layer is absolutely necessary to have some peace of mind.
     
  8. Atul88

    Atul88 Registered Member

    Joined:
    Dec 8, 2011
    Posts:
    259
    Location:
    India
    Yeh i used to get so many activities in history with alone Norton AV & winxp firewall.:eek: :eek:
    Since i installed private firewall, no more activities!!!:D :D
     
  9. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Nonsense. This might have been true years ago when AV's were strictly that. But today they have all sorts of systems to combat all kind sof malware and this just doesn't apply anymore.
     
  10. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    There is no need to patch OS, no need to secure browser, no need to not click on any link. AV will protect against all. Layers are so last year.
     
  11. Rampastein

    Rampastein Registered Member

    Joined:
    Oct 16, 2009
    Posts:
    290
    What I believe RejZoR meant is that these "AVs" (which are actually more or less suites) already contain multiple layers nowadays. Sure, there's other things that are useful to do too like keeping your OS up to date, but you don't necessarily need other 3rd-party protection software with one of the most efficient suites.
     
  12. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    except when removing malware that sneaked in.
     
  13. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    Not even, if you use certain security tools. They do it for you. ;)
    But I agree that piling security tools one on top of the other (layered protection) is helping more the security companies than the user. Just use one good tool and master it, its all what you need.
     
  14. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    As in in addition to whatever suite used ;) Otherwise, when talking about layers it is not 2, 3 or more security software that is meant as a layer (security software is but one layer)
     
  15. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,219
    To each its own, I believe that years ago one could do with only an AV, nowadays all my computers have sandboxing and virtualization, the antivirus has a relative importance in my security. Norton has had so far excellent results in almost every test, still they cannot guarantee 100% security, and neither Avast can for that matter.
     
  16. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Something will always sneak past something. Do you really want 15 anti-malware tools on your system?

    Using an AV with good track record, patched OS and up to date browser are imo enough to keep 99% of ppl perfectly safe.

    I usually just run Norton Power Eraser or Comodo Killswitch/Autoruns to quickly checkup my systems. But they never found anything that avast! didn't. And i can say similar thing for other products like AVIRA, AVG or MSE...

    @Osaban
    And what can guarantee 100% protection? There is no such thing as 100% protection. Not in computer world or anywhere else.
     
  17. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,219
    My main security suite is Chrome + Sandboxie + Rollback Rx. Do you really think NIS or Avast Internet Security can beat that? I repeat to each its own.
     
  18. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I am curious. What did you use for cleaning the Malware? Antivirus Live CD, MBAM, SAS, Emsisoft Emergency Kit, etc.
     
  19. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    I dont think malware is targeting norton. Norton is just used alot. when people think of antivirus software most will think of norton and mcafee.

    I would be interested to know which versions of norton where installed on the machines you cleaned and if they were up to date and in subscription period.
     
  20. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    Yeap, correct in an ideal world of informed users. Unfortunately this is translated (for the majority of the users out there, not wilders) in to piling up overlapping tools with overall negative effects on protection.

    Keep the system and its components updated (including simply not stopping automatic updates as often happens in many PCs), LUA, well managed/kept single security suites (the majority of them already including several advance protection mechanisms such as sanboxing, heuristics, backup, firewall, hips and emergency recovery tools) and user education are much more effective than running multiple tools. Just another type of layered approach, better tuned to the users out there. :)

    Going back to the post, Norton is not more vulnerable but just more used. And I am sure going back to those infected PCs you will see that aside Norton not being updated there will be other problems at the level of OS or the applications used or the careless of the user.
     
  21. kdcdq

    kdcdq Registered Member

    Joined:
    Apr 19, 2002
    Posts:
    657
    Location:
    Southwestern Massachusetts
    I used MBAM, SAS, Spybot, DrWeb CureIt, Comodo Cleaning Essentials, Hitman Pro, and Norton Power Eraser to clean the infected systems..*puppy*
     
  22. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    In practicality and user friendliness, yes, every time. If sandboxing and system backup would be the magic bullet, everyone would be using it. But this just isn't the case, don't you think? Not everyone are willing to geek around manual sandboxes. Some just want to work and be automatically protected at the same time.
     
  23. Atul88

    Atul88 Registered Member

    Joined:
    Dec 8, 2011
    Posts:
    259
    Location:
    India
    Yeh. So True :cautious: :cautious:
    In January i was infected by a trojan-downloader .
    I scanned it with Bitdefender (6/6 in repair in AV-TEST) o_O o_O
    Norton. Yeh Yeh norton!!!:blink: :blink:
    Avira......
    Malwarebytes.......
    Bootable Avira-GDATA-Bitdefender-AVG :doubt: :doubt:
    at the end of the scan, it said TR-Downloader is deleted
    YOUR SYSTEM IS SECURE
    MY A$$
    after 10 min. Avira-Bitdefender started detecting sality, trojan again....o_O
    The only thing that worked for me was Formating the system partition.
    i wish i had tested Hitman PRO at that time!!!
     
  24. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,219
    You see the beauty is that what I'm using as a suite is not even anti-malware per se (I would have thought you knew the difference between instant system restore and backup, perhaps that's too geeky).

    Everyone is not using it only because it is more profitable to charge people every year rather than once, AVs are the biggest rip off ever created as far as the Internet is concerned, and that is the only reason most people are lead to believe that an AV is all they need, marketing, aggressive marketing.

    As for your user friendliness, I see it more as user blindness which inevitably leads to multiple infections. Haven't you read the first post on this thread?
     
  25. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    The reasons not all use your solution is that they are unfortunately not fully user friendly and needs some actions and understanding from the users side. This will create nightmares on novice and casual users (most out there). Kids want to play games and to do so you may need to tune up some protection components outside the sandbox or user Y want to print and it fails so because its need to add a specific registry into the exclusion... and so on...

    May be it will come a day in which users could make use of this tools with little if no knowledge. Unfortunately, so far, this is a niche market. You have even some major security company removing sandboxing components from their security tools.

    So, to each its own...
     
Loading...
Thread Status:
Not open for further replies.