NIS2010 can be damaged by tools or virus

xjltmp · ‎09-09-2009

1.add a key named "ccSvcHst.exe" under IEFO by ICESWORD.

2.restar the system.

3.afer restared the system,we can not see NIS2010 ICON at system tray,3 hidden services and 1 system service is not running.can not start NIS2010 and scan files!

NIS2009 also have the same problem.

A

http://upload.ouliu.net/story/6c5ef2a8afe713375ad1d7f66f7bb588.gif
http://upload.ouliu.net/story/bf4a6f264fffe35a5586274b6705c897.gif

B

if NIS was not installed in C:\ and installed in d:\,we try to format d: and NIS auto exit

http://upload.ouliu.net/story/c9c376a58af550828453def2b1ab22d5.gif

we install NIS2010 on D:

after format d:,we can not start NIS2010,and the NIS icon can not see in system tray.

Message Edited by xjltmp on 09-09-2009 09:21 PM

CAN NIS PROTECT ITSELF MORE STRONGER?!

Message Edited by xjltmp on 09-09-2009 09:28 PM

<<Edit: Fixed the posting error>>

Message Edited by JerryM on 09-10-2009 11:43 AM

Stu · ‎04-08-2008

This is a bad one indeed. have you tested this with other vendors as well?

"All that we are is the result of what we have thought"

Quads · ‎07-21-2008

Hi

There will always be legit tools that can remove Norton, any other program or part of those programs, It is the fact of who is using them or what.

It's the ability of anything Malicous that can do damage, so can be stopped before that occurs. (Sonar, Auto- Protect)

One legit program that can hurt Norton is called the Norton Removal Tool.

ICESWORD is like Sysprot, GMER etc. so needs user to state to do actions

Quads

Message Edited by Quads on 09-10-2009 05:01 PM

Message Edited by Quads on 09-10-2009 05:04 PM

xjltmp · ‎09-09-2009

Can NIS be the Best ? I hope.

Message Edited by xjltmp on 09-09-2009 10:50 PM

xjltmp · ‎09-09-2009

Quads wrote:
Hi

There will always be legit tools that can remove Norton, any other program or part of those programs, It is the fact of who is using them or what.
It's the ability of anything Malicous that can do damage, so can be stopped before that occurs. (Sonar, Auto- Protect)

One legit program that can hurt Norton is called the Norton Removal Tool.

ICESWORD is like Sysprot, GMER etc. so needs user to state to do actions

Quads
Message Edited by Quads on 09-10-2009 05:01 PM
Message Edited by Quads on 09-10-2009 05:04 PM

How NIS to differentiate between legit tools and Malicous?

If virus or other programs do the same action like icesword do in background and user don't know,can NIS (Sonar) stop it?

Quads · ‎07-21-2008

Umm, By detection.

That is why Symantec has the Security Reponse Team / Center.

Quads

xjltmp · ‎09-09-2009

Quads wrote:
Umm, By detection.

That is why Symantec has the Security Reponse Team / Center.

Quads

If NEW malicious and SRC didn't know it,can NIS detect it by action analysis ?

shane_pereira · ‎04-13-2008

xjltmp wrote:
Quads wrote:
Umm, By detection.

That is why Symantec has the Security Reponse Team / Center.

Quads

If NEW malicious and SRC didn't know it,can NIS detect it by action analysis ?

Yes. SONAR monitors all actions/behaviors performed by all processes running on the machine and then makes a determination if the process is truly malicious. There are 100s of factors that are considered before such a determination is made. In addition SONAR also consults the backend Quorum engines to further increase the accuracy of the decision.

Shane.

xjltmp · ‎09-09-2009

i found NAVENG,NAVEX15 and SRTSP services can not auto run without ccSvcHst.exe running,but other 8 hidden services can auto run.Why not set all the services auto run?