My experience with Norton Antivirus 2002 and 2003

I have installed Norton Antivirus 2002 and 2003 in many computers at my work and i am very dissapointed with its results. Especially with Opaserv, we had many clients infected with this virus, always from e-mails from Outllook or Outllook Express even with the latest update from the internet. I would be gratefull if someone could post some tips for norton antivirus for better results and alternative antivirus. I am mostly interested in Outlook or Outlook Express protection. Tahnks!

 

Best corporate solutions(better then NAV) that I suggest(clients) are:

Command AntiVirus
Sophos Antivirus

Don't know about Norton Tips! Sorry....


Technodrome

 

Well, there are some diehard Norton fans around that may have some ideas as to what might be wrong.
As for alternatives, NOD32 certainly does a good job on email.
I am currently using DrWeb and it checks email and they have a beta version of Spidermail that I have been using with much success. It works with Spider Guard which is the Dr Web resident protection.
I have not used an AV in a corporate environment where AVs may be set up to protect a lan, so you might want to give a little more information on your setup, as it could make a difference.
I dropped Norton long ago when its size started outweighing its strength.

 

Some of the computers are connected to the network and some are not. I just use Norton antivirus 2003, not even the pro version. I have tried Kaspersky but when it found an infected e-mail a mesage appeared saying that Kaspersky is going to delete all the inbox!!
Any ideas how to make Outllok Express safer? (for example a way to prevent receiving of attachments and other ideas). Thanks!

 

In Outlook Express, goto Tools and the Options. Click on the Security tab and then check the box next to "Do not allow attachments to be saved or opened that could potentially be a virus".

Go here for more info:

http://www.jmu.edu/computing/security/info/outlookav.shtml


Technodrome

 

I am guessing you did NOT have the latest def's. Norton has no problem with that nasty. If you had e-mail scanning option enabled, it should have been fine. If you have latest IE updates, along with that, you should be fine. If you are running XP, try the AVAST beta and you will like it

http://www.avast.com/beta/

 

I have enabled automatic live update and e-mail scanning

 

Technodrome the option you mentioned under tools->options->security does not exist. I have Win98se and outolook express 5.

 

It's a IE 6.0 feature, so that stands to reason.

About NAV, do you wait for automatic LiveUpdate to download the updates, or do you check the site yourself on a regular basis?

http://securityresponse.symantec.com/avcenter/defs.download.html

That site has new definitions 4 or 5 times a week, while LiveUpdate usually only provides fresh updates once a week.

Most folks "in the know" download the updates manually for that very reason.

Here's Symantec's explanation:

Why doesn't LiveUpdate download definitions when the Security Response Web site or a virus writeup shows that more recent definitions are available

However, IMHO no amount of explaining could justify this lax behavior, and it could well be the reason why these computers got infected in the first place.

One good reason to go for another antivirus. I recommend ESET's Nod32.

 

BTW: Opaserv does not spread via Email it spreads vie Netbios(Port 137-139) You have to close thus Port ifyou do not want to get infected again.

MfG Ralf

 

Good point!

On these affected machines, are you running a firewall at all?

 

I have enabled live update but not installed any firewall. The reason is that most of the computers infected are connected to a network so i may have problems. As for Nod32 it is not available in my country. The ones that i can have are: Norotn , mcafee, panda titanium drweb, bitdefender,kaspersky(i haver tried it but it needs many resources and slows the computer considerably)

 

I find this disappointing. Especailly when I followed the link to Symantec's explanation of the issue. Does anyone know if there is any plan in the future to make NAV's automatic updates more like those of NOD32 (which I'm currently trialing while waiting for my NSW to arrive in the mail). It seems silly to have to go online to their webpage if you want the most recent update (and it's not a Wednesday) - and it seems as if it would be all too easy for them to just put the latest update on the server. Oh well, I'll stop rambling. Does anyone else see this as a problem - or know of a solution if, as it looks like, I'm going to become a NAV user? All I know is that NOD32's system of update is easy, efficient - a downright no brainer! That being said, I thought I'd plunk down the cash for Norton this time - that was before I knew about the updates . . . OR, is it simply enough to trust their judgement as to when an alert is on and when my product should be especially updated (not on a Wednesday) through automatic update. Thanks - Jack

 

I did, some time ago, write a batch file, which you could call from Scheduler or run at startup. I still use it to get my own updates.
I'm not to sure if Symantec would be jumping for joy if I posted the content here, but if you would e-mail me your OS I would be happy to adapt it for you and mail it to you.

Regards,

Pieter

 

The files are on their way, Jack.

Regards,

Pieter

 

Technodrome wrotes:

Do you know that OE6 considers gif attachments as unsafe and doesn't allow to save them on disk?

NB. Approximative translation : OE has suppressed the access to the following attachments because they are not reliable : xxx.gif

Regards,

Yinda

 

Cheers Pieter,
Jack.

 

Hi Jack,

I take it my little batch file works for you

If so, you´re welcome. If not, let me know and I´ll try to fix it.

Pieter

 

Hi Peter,
Haven't got around to installing and testing it yet. I just got NSW 2003 installed on my computer today.
Thanks! Will let you know if I have any problems when I do get around to testing it. - Jack

 

Just a heads-up, something is badly wrong with your installation(s) of NAV if you got infected by Opaserv. I have done extensive personal testing and know for certainty that NAV detects and cleans all variants of Opaserv, including the latest one (variant "K"):

Symantec Security Response - W32.Opaserv.K.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.k.worm.html

Symantec Security Response - W32.Opaserv.G.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.g.worm.html

Symantec Security Response - W32.Opaserv.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.worm.html

Symantec Security Response - W32.Opaserv.E.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.e.worm.html

Symantec Security Response - W32.Opaserv.H.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.h.worm.html

Symantec Security Response - W32.Opaserv(win.ini)
http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv(win.ini).html

Symantec Security Response - W32.Opaserv.J.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.j.worm.html

Symantec Security Response - W32.Opaserv.Worm Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.worm.removal.tool.html

NOTE: the Win.ini detection is not of the worm itself, but of the changes it makes to the Win.ini file.

 

will i have nav 2002 and i use it cause im a newby install and forget it typ utlity.

but if your a die hard virus killer i go with nod 32 i guess its like tds but with viruses its dah bomb

yup nods to viruses as tds is to trojans kills first ask qustions later after it pumps a bunch of holes into the bady and spits on it and tosses its dead infected corpse into a ditch lol

so if you want a mercylesss virus killing machine get nod