My experience with Norton Antivirus 2002 and 2003

Discussion in 'other anti-virus software' started by Illusion, Dec 7, 2002.

Thread Status:
Not open for further replies.
  1. Illusion

    Illusion Guest

    I have installed Norton Antivirus 2002 and 2003 in many computers at my work and i am very dissapointed with its results. Especially with Opaserv, we had many clients infected with this virus, always from e-mails from Outllook or Outllook Express even with the latest update from the internet. I would be gratefull if someone could post some tips for norton antivirus for better results and alternative antivirus. I am mostly interested in Outlook or Outlook Express protection. Tahnks!
     
  2. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Best corporate solutions(better then NAV) that I suggest(clients) are:

    Command AntiVirus
    Sophos Antivirus

    Don't know about Norton Tips! Sorry....


    Technodrome
     
  3. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Well, there are some diehard Norton fans around that may have some ideas as to what might be wrong.
    As for alternatives, NOD32 certainly does a good job on email.
    I am currently using DrWeb and it checks email and they have a beta version of Spidermail that I have been using with much success. It works with Spider Guard which is the Dr Web resident protection.
    I have not used an AV in a corporate environment where AVs may be set up to protect a lan, so you might want to give a little more information on your setup, as it could make a difference.
    I dropped Norton long ago when its size started outweighing its strength.
     
  4. Illusion

    Illusion Guest

    Some of the computers are connected to the network and some are not. I just use Norton antivirus 2003, not even the pro version. I have tried Kaspersky but when it found an infected e-mail a mesage appeared saying that Kaspersky is going to delete all the inbox!!
    Any ideas how to make Outllok Express safer? (for example a way to prevent receiving of attachments and other ideas). Thanks!
     
  5. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    In Outlook Express, goto Tools and the Options. Click on the Security tab and then check the box next to "Do not allow attachments to be saved or opened that could potentially be a virus".

    Go here for more info:

    http://www.jmu.edu/computing/security/info/outlookav.shtml


    Technodrome
     
  6. controler

    controler Guest

    I am guessing you did NOT have the latest def's. Norton has no problem with that nasty. If you had e-mail scanning option enabled, it should have been fine. If you have latest IE updates, along with that, you should be fine. If you are running XP, try the AVAST beta and you will like it ;)

    http://www.avast.com/beta/
     
  7. Illusion

    Illusion Guest

    I have enabled automatic live update and e-mail scanning
     
  8. Illusion

    Illusion Guest

    Technodrome the option you mentioned under tools->options->security does not exist. I have Win98se and outolook express 5.
     
  9. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,350
    Location:
    The Netherlands
    It's a IE 6.0 feature, so that stands to reason.

    About NAV, do you wait for automatic LiveUpdate to download the updates, or do you check the site yourself on a regular basis?

    http://securityresponse.symantec.com/avcenter/defs.download.html

    That site has new definitions 4 or 5 times a week, while LiveUpdate usually only provides fresh updates once a week.

    Most folks "in the know" download the updates manually for that very reason.

    Here's Symantec's explanation:

    Why doesn't LiveUpdate download definitions when the Security Response Web site or a virus writeup shows that more recent definitions are available

    However, IMHO no amount of explaining could justify this lax behavior, and it could well be the reason why these computers got infected in the first place.

    One good reason to go for another antivirus. I recommend ESET's Nod32.
     
  10. Borgmann

    Borgmann Guest

    BTW: Opaserv does not spread via Email it spreads vie Netbios(Port 137-139) You have to close thus Port ifyou do not want to get infected again.

    MfG Ralf
     
  11. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,350
    Location:
    The Netherlands
    Good point! :)

    On these affected machines, are you running a firewall at all?
     
  12. Illusion

    Illusion Guest

    I have enabled live update but not installed any firewall. The reason is that most of the computers infected are connected to a network so i may have problems. As for Nod32 it is not available in my country. The ones that i can have are: Norotn , mcafee, panda titanium drweb, bitdefender,kaspersky(i haver tried it but it needs many resources and slows the computer considerably)
     
  13. Jack Ryan

    Jack Ryan Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    7
    Location:
    UK
    I find this disappointing. Especailly when I followed the link to Symantec's explanation of the issue. Does anyone know if there is any plan in the future to make NAV's automatic updates more like those of NOD32 (which I'm currently trialing while waiting for my NSW to arrive in the mail). It seems silly to have to go online to their webpage if you want the most recent update (and it's not a Wednesday) - and it seems as if it would be all too easy for them to just put the latest update on the server. Oh well, I'll stop rambling. Does anyone else see this as a problem - or know of a solution if, as it looks like, I'm going to become a NAV user? All I know is that NOD32's system of update is easy, efficient - a downright no brainer! That being said, I thought I'd plunk down the cash for Norton this time - that was before I knew about the updates . . . OR, is it simply enough to trust their judgement as to when an alert is on and when my product should be especially updated (not on a Wednesday) through automatic update. Thanks - Jack :)
     
  14. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    I did, some time ago, write a batch file, which you could call from Scheduler or run at startup. I still use it to get my own updates.
    I'm not to sure if Symantec would be jumping for joy if I posted the content here, but if you would e-mail me your OS I would be happy to adapt it for you and mail it to you.

    Regards,

    Pieter
     
  15. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    The files are on their way, Jack.

    Regards,

    Pieter
     
  16. Yinda

    Yinda Registered Member

    Joined:
    Nov 17, 2002
    Posts:
    78
    Technodrome wrotes:

    Do you know that OE6 considers gif attachments as unsafe and doesn't allow to save them on disk? :D

    NB. Approximative translation : OE has suppressed the access to the following attachments because they are not reliable : xxx.gif

    Regards,

    Yinda
     

    Attached Files:

  17. Jack Ryan

    Jack Ryan Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    7
    Location:
    UK
    Cheers Pieter,
    Jack.
     
  18. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi Jack,

    I take it my little batch file works for you :)

    If so, you´re welcome. If not, let me know and I´ll try to fix it.

    Pieter
     
  19. Jack Ryan

    Jack Ryan Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    7
    Location:
    UK
    Hi Peter,
    Haven't got around to installing and testing it yet. I just got NSW 2003 installed on my computer today.
    Thanks! Will let you know if I have any problems when I do get around to testing it. - Jack
     
  20. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    Just a heads-up, something is badly wrong with your installation(s) of NAV if you got infected by Opaserv. I have done extensive personal testing and know for certainty that NAV detects and cleans all variants of Opaserv, including the latest one (variant "K"):

    Symantec Security Response - W32.Opaserv.K.Worm
    http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.k.worm.html

    Symantec Security Response - W32.Opaserv.G.Worm
    http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.g.worm.html

    Symantec Security Response - W32.Opaserv.Worm
    http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.worm.html

    Symantec Security Response - W32.Opaserv.E.Worm
    http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.e.worm.html

    Symantec Security Response - W32.Opaserv.H.Worm
    http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.h.worm.html

    Symantec Security Response - W32.Opaserv(win.ini)
    http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv(win.ini).html

    Symantec Security Response - W32.Opaserv.J.Worm
    http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.j.worm.html

    Symantec Security Response - W32.Opaserv.Worm Removal Tool
    http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.worm.removal.tool.html

    NOTE: the Win.ini detection is not of the worm itself, but of the changes it makes to the Win.ini file.
     
  21. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    will i have nav 2002 and i use it cause im a newby install and forget it typ utlity.

    but if your a die hard virus killer i go with nod 32 i guess its like tds but with viruses its dah bomb

    yup nods to viruses as tds is to trojans kills first ask qustions later after it pumps a bunch of holes into the bady and spits on it and tosses its dead infected corpse into a ditch lol

    so if you want a mercylesss virus killing machine get nod
     
Loading...
Thread Status:
Not open for further replies.