Vista v.s. Norton

Discussion in 'Windows Vista Security' started by John King, Jul 9, 2007.

  1. John King

    Paul Smith Guest

    That's your opinion. I agree with Ken.

    The way Symantec has been acting over the years they deserve nothing less
    than going out of business. Just take the whole propaganda campaign and
    whining over PatchGuard in 64-bit. They want to hack your kernel, and come
    SP1 we'll all have to deal with their unimprovements to the OS.

    --
    Paul Smith,
    Yeovil, UK.
    Microsoft MVP Windows Shell/User.
    http://www.dasmirnov.net/blog/
    http://www.windowsresource.net/

    *Remove nospam. to reply by e-mail*
     
    Paul Smith, Jul 15, 2007
    #21
    1. Advertisements

  2. John King

    Sally Guest

    I used to use McAfee for a number of years.
    After viruses almost disabled my computer, I used the Norton cleaner and it
    fixed everything.

    After that I switched to Norton Internet Security and I have never had a
    problem since.
    I mistakenly updated to the new Norton 360, it disabled by XP by doubling my
    memory backup.
    I could not do anything and quickly got rid of it.
    I reinstalled the Internet Security and everything went back to normal, but
    I realized it was time to change my computer.

    I have Vista Home Premium and put in Norton Internet Security 2007.
    I love it and recommend it. 360 is good for those with lots of memory space
    and that need a program to do everything for them.
    I have never liked the Systemworks and that is part of 360, I am very happy
    without it but I am still a Norton Fan.
     
    Sally, Jul 17, 2007
    #22
    1. Advertisements

  3. On Fri, 13 Jul 2007 08:10:03 -0500, Crito
    I'd add an antivirus scanner to that.
    ROTFL!

    And how do you filter the malware you never bothered to detect from
    your "full system backup" that has the malware built into it?
    See above. It sounds like you are relying on time (the "great
    X-axis") to scope in what you want and scope out what you don't want.

    That in turn implies you are expecting the adverse impact of malware
    to be immediately obvious.

    However, a typical malware strategy is to lie low and not attract
    immediate attention, so that it can pervade "full system backups".

    Or is the installation you are restoring, one that was made long ago?

    If so, you'd want to preserve all the data you created since then, and
    you'd have to be sure this did not maintain the malware.

    Even the most limited account rights will let "you" write to your data
    set, so won't stop malware from infecting it, and backups thereof.

    I'm so sick of folks waving "just" backup and "just" wipe and rebuild
    as if these were magically simple ways to solve problems.

    They are not. Both approaches are sound, have their place, but
    involve complexity approaching that of formal malware management.


    The most accurate diagnostic instrument
    in medicine is the Retrospectoscope
     
    cquirke (MVP Windows shell/user), Jul 17, 2007
    #23
  4. I'm so sick of folks waving "just" try this scanner, "just" try this
    "removal tool" as if these were magically simple ways to solve
    problems.
     
    Straight Talk, Jul 17, 2007
    #24
  5. I quite agree with you, especially with respect to online scanning
    (which has always seemed the ultimate leap of faith).

    Formal scanning is in the same complexity frame as building a system
    to stay clean (given that the last attempt to do that, failed, which
    is why the topic arises in the first place) or data in and malware out
    when planning a restore of backups.

    The reason is that the underlying problem has that complexity built
    into it. Occam's Razor meets the Halting Problem, and the Halting
    Problem wins ... hey, a new tag is born!

    So my posts on this topic are a lot longer than "just" this or "just"
    that, and it is harder than it needs to be, because MS haven't forseen
    the need to formally clean PCs. After all, Windows is now "so
    secure", it never gets infected, so the need doesn't arise? What "95%
    of spam is sent through botnets" problem?


    I wish the "wipe vs. clean" argument would fade away, because it is as
    silly as "are PCs infected because of code exploits or dumb users?"

    There is no duality here. Both approaches are complex, and
    appropriate to various circumstances. It's no good having a kidney
    transplant for a bad liver, just because you don't have a liver donor.


    I'll leave you (or rather, more simplistic others, as I think you're
    aware of what's involved) with two final thoughts:

    1) If the perfect malware is undetectable...

    ....then should all normally-working PCs be considered infected and
    "just" wiped and rebuilt? Or "just" all PCs that show any ill-defined
    problems, given that most malware is imperfect?

    IOW, if you cannot be shure you can exclude malware, the problem
    expands beyong "infected PCs" to "PCs that may be infected".

    2) Do users want to kill malware enough?

    If a user has a chice between a working system that happens to send
    out masses of spam via thier "all you can eat" broadband connection,
    and "just" wiping the box and not preserving any data, which do you
    think they will choose?

    Does history of piracy, file sharing, etc. suggest users will swallow
    pain to "do the right thing" for nameless others?


    When Occam's Razor meets the Halting Problem,
    the Halting Problem wins
     
    cquirke (MVP Windows shell/user), Jul 20, 2007
    #25
  6. John King

    The Sand Guest

    Thanks for the info cquirke. It sounds like "malware" is a real
    problem. If you have Norton 360 - or any major anitviral/anitspam
    program are you truly protected from these things. I always wonder if
    they really do what they claim. I do my scans and my Norton gives me
    the "thumbs up" but I wonder....

    Sandy
     
    The Sand, Jul 21, 2007
    #26
  7. Good idea.
     
    Straight Talk, Jul 21, 2007
    #27
  8. John King

    The Sand Guest

    Good idea
    ---------------------

    Okay... so if these programs we purchased (Norton and the like) aren'
    doing a good job protecting us like we think they are... what do yo
    use??? or recommend we do to protect ourselves from "Malware" etc. Al
    advice is good...

    Thanks
    Sand
     
    The Sand, Jul 21, 2007
    #28
  9. On Fri, 20 Jul 2007 22:26:16 -0500, The Sand
    I see the av as the "goalie as last resort"; if it's popping up all
    the time to tell you it stopped this or that, then you are taking too
    many risks. Ideally, it should never see anything to catch, i.e. you
    should play your game so well that no malware ever gets close enough
    to take a shot at the goalie.

    Antivirus catches most things, irrespective of how they get in.

    Risk management may block only certain routes of entry, but can do so
    more absolutely than av.

    So the two approaches mesh really well.

    The problem is, a pure network worm can go global in under an hour,
    and a 1-generation spam-out can get malware to you and your av vendor
    at about the same time. Both scenarios make your "daily av update"
    look a bit weak to rely on, even before you factor in the time an av
    vendor needs to rev-eng a new malware and dev a fix for it.
    The good ones will be careful about what they claim to do ;-)
    Scanning the whole system for malware (while standing in the infected
    OS) can be worse than a waste of time. If the av's let something
    through, then both you and the av have failed. Using the same av that
    failed to catch it "live" isn't a winning strategy; even if the av's
    now updated to "see" the malware, the active malware is
    well-positioned to prevent itself from being removed.

    Don't EVER thing ANY antivirus will protect you so well that you can
    take stupid risks. That's like thinking you can crash into oncoming
    traffic because you're wearing a seatbelt...

    (and yes, "physical world analogy alert"... how's it going with your
    desktop, folders and files out there? Where do you think those
    concepts came from, or "virus" for that matter?)


    Dreams are stack dumps of the soul
     
    cquirke (MVP Windows shell/user), Jul 21, 2007
    #29
  10. I don't use any kind of anti-whatever stuff, actually. I put all my
    efforts into preventing it in the first place. That doesn't mean I
    would recommend others to do the same just like that, though.
    A good start is to learn understanding the risks. If you don't
    understand the channels through which malware can get in you're likely
    to do stupid things that security software won't keep protecting you
    from.

    The vast majority of malware infections still comes down to the user
    not paying proper attention (clicking links in e-mails, opening e-mail
    attachments, running questionable programs obtained from e.g.
    file-sharing app's a.s.o.). You need to be constantly aware of what
    you're doing and not install and run any piece of code you run into -
    no matter how sweet the guy who sends it to you seems to be.

    Then there are malware infections and stuff like ad ware annoyances
    spread through client side scripting (code run locally on your
    machine) like ActiveX (a flawed MS concept found in IE), Java, Java
    Script, VB Script etc. being executed in your web browser, your mail
    client etc.

    Then there are the nasty malware infections taking advantage of flaws
    in software - something you can do almost nothing against except from
    running not awfully flawed software and keeping it patched.

    The best thing you can do for starters is to harden your OS (configure
    it securely and reduce the amount of code running to a minimum). Get
    help from someone who knows how to do this - and then keep your OS and
    other software patched!!

    Run a limited user account for daily tasks and use only the
    administrator account for what it was meant for.

    Stay away from awfully flawed software like Outlook and Internet
    Explorer except for sites you trust that won't run without it. Use a
    browser that allows you to easily control whether scripting is allowed
    to run by site (e.g. "Opera" or "Firefox with the NoScript plug in").
     
    Straight Talk, Jul 22, 2007
    #30
  11. John King

    The Sand Guest

    Thanks for your replies cquirke and Straight Talk. I do think I have a
    better understanding of malware now...

    I don't consider myself an "idiot user" or a "risk taker" when using my
    computer but I also don't think (after reading this) that I do all I can
    either. I run everything from my "Administrator Account." Recently
    when my comptuer crashed Microsoft set up a new account and put my data
    into the new one (the administrator account got corrupted.) So, maybe
    running everything from one account is not such a good idea.

    I have Norton 360 on both my systems and I never hear them "flag"
    anything. The new 360 doesn't have the logs the old Norton had - which
    I don't like. They have this "statistics" page but it doesn't have near
    the info the old logs had (like if you were attacked, your firewall and
    what it's done, scans and how long they take, email, etc.) So, you
    really don't know with them now - what they are really doing. When I
    ran with the old Norton SystemWorks it would tell me now and again (on
    my XP computer) that I was attacked by a "trojan horse" and they blocked
    it. I don't know if "I" was doing something stupid at the time and
    that's why the attack happened... but I don't think so.

    As for "harden your OS (configure
    it securely and reduce the amount of code running to a minimum.)" by
    Straight Talk. I'll need help with that... but I'll get it.

    Thanks for the information... I know it helps more than just me when
    you take the time to reply here.

    Sandy
     
    The Sand, Jul 22, 2007
    #31
  12. On Sun, 22 Jul 2007 15:00:58 -0500, The Sand
    Me2. When I found safer UI settings were set back to unsafe duhfaults
    upon making an XP "Gold" user account a "limited user", I thought "to
    hell with this; I'd rather have my choice of settings and admin
    exposure, thanks". I don't know whether XP SP2 is still as broken;
    it's a lot of work setting up a new user account, and I don't relish
    doing it for nothing if the OS is too brain-dead to keep my settings.
    Microsoft, as in PSS? Or Window' internal logic?
    Windows is weak on protecting per-account registries, but these things
    can usually be fixed via Bart. Often, it is either:
    - a corrupted user registry hive log file
    - rename away old log file
    - repair file system
    - a corrupted user registry hive
    - harvest previous copy of the hive via Bart
    - rename things so this is in effect
    - test from Bart via RunScanner
    - if OK, test Safe Mode, then Windows etc.

    On "harvesting registry hives via Bart", see;

    http://cquirke.blogspot.com/search?q=System+Restore+Bart+hive
    That sounds crap. If a malware is cleaned up, you need to know
    everything about it; where the file was, what it was called, the same
    of the malware and perhaps a link to a write-up, what the malware was
    doing at the time it was caught, what registry clean-up was done, etc.

    Else you break the "no unlogged changes to the system" rule.
    I switched from "neutral, but not recommended" to "avoid" on Norton AV
    when they started including commercial malware (DRM) within the
    package. If I have to go hand to hand with malware, I do NOT want to
    have to ask myself: "Is this stealth file part of the malware of
    Norton's 'special code'? If I remove this, will I kill the av?"

    I can avoid that mess for free, and do.
    Thanks for the thanks - it's a pleasure ;-)

    "Why do I keep open buckets of petrol next to all the
    ashtrays in the lounge, when I don't even have a car?"
     
    cquirke (MVP Windows shell/user), Jul 23, 2007
    #32
  13. John King

    The Sand Guest

    Microsoft, as in PSS? Or Window' internal logic?

    To answer your question, Microsoft PSS - he was fabulous! It was $59
    and he spent 4 hours with me one day. I Emailed him before bed because
    I encountered another problem and he CALLED me in the morning and spent
    another 2 hours with me that day. Quite often I think things are not
    worth the money but not this time... I would have totally paid more...(
    know this was off topic but the opportunity presented itself - and so
    often in life things are "not" as good as they should be so when that is
    "reversed" it is worth a mention.)

    Sandy
     
    The Sand, Jul 23, 2007
    #33
  14. On Mon, 23 Jul 2007 00:04:58 -0500, The Sand
    Cool! It's not often that one gets to deal with PSS (most Windows is
    OEM, and *as* an OEM, I don't have access to PSS) but whenever I have
    done, as for example in this case...

    http://cquirke.mvps.org/sp2intel.htm

    ....they've been really good.
    Yes, I agree!

    I asked the question as Windows will automatically spawn new account
    settings and/or use a temporary account set that is discarded when you
    log out or shut down, when it detects the "real" account to be bad.

    There are a whole lot of Qs and As that arise when *that* happens
    ;-)


    The most accurate diagnostic instrument
    in medicine is the Retrospectoscope
     
    cquirke (MVP Windows shell/user), Jul 23, 2007
    #34
  15. John King

    The Sand Guest

    cquirke wrote:

    Cool! It's not often that one gets to deal with PSS (most Windows is
    OEM, and *as* an OEM, I don't have access to PSS) but whenever I have
    done, as for example in this case...

    'http://cquirke.mvps.org/sp2intel.htm'
    (http://cquirke.mvps.org/sp2intel.htm)

    .....they've been really good.
    ---------------------------------------

    Really, my Vista is OEM. I didn't know microsoft cared. Every time
    I've called to get tech support from my OEM I have totally regretted it.
    It's FREE and I STILL won't call them. I always figure the best people
    to fix it is those who created it...;) thus I call Microsoft.


    Sandy
     
    The Sand, Jul 24, 2007
    #35
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.