08-02-2012 04:21 AM
I consider Malwarebytes a commercial AV-type product.
Ignoring the current rash of trojan infections, which continues, for quite a while Symantec employees have recommended the use of Malwarebytes to remove certain infections.
Did nobody else find it surprising that the world's largest security software company was recommending a non-Symantec product to remove infections?
Why not keep it all within the brand to promote confidence in Norton?
08-02-2012 10:08 AM - edited 08-02-2012 10:15 AM
Hi ablatt.
I think you are confusing two different things - advanced tools and supplemental scanners. Zeroaccess requires some very specialized tools (and expert supervision) to remove completely. Quite properly, Norton should do nothing if a remediation attempt would risk removing system files that would make the machine unbootable. Norton does make some tools specifically designed to remove certain major infections, but the problem is that the malware changes tactics so frequently that the tools are not always effective against the very latest variants. That is why individualized removal efforts are often necessary, and why Quads requests logs that show exactly what the infection has done before he attempts to cure it - this week's patched file may be completely different than last week's.
Malwarebytes' doesn't figure in rootkit removal at all, and should not be included in a discussion of Zeroaccess. Malwarebytes' is primarily recommended as an on-demand scanner when a second opinion is wanted for general scanning. It is also sometimes recommended for the removal of PUPs and other nuisances that Norton, by design, does not look for. Malwarebytes' detects some issues that Norton does not, just as Norton detects some threats that Malwarebytes' does not. It is common advice to supplement whatever resident malware protection you use with a secondary on-demand scanner, for the simple reason that there are differences in detection among all products.
08-02-2012 10:45 AM
08-12-2012 09:57 PM
Hello all:
I have been reading through these posts and this discussion seems to have reached a level of sophistication unbelievable. I'm not certain if what I have to add even merits posting, but, I figure hell, might as well.
Even outside of my Norton protection, there are a number of procedures I perform to gird up. Here is a sampling. First, make certain Windows Defender is up-to-date and that its real-time protection shield is operational. Second, set your pop-up blocker to maximum in I.E. 8. I can’t tell you how many problems can be avoided just by doing that. Third, configure your browser such that it BLOCKS third-party cookies.
As for the “rash” of trojans- Although I have been away from the “fray”, users MUST use wisdom. Consider this, when you have 8-year-old kids in Fourth World countries writing new virus programmes to then sell them to warlords who, in turn, feed them - - who do you think is going to win? The desperation lies with them. The need for food and water will far surpass any efforts of those living in comfortable quarters. Far gone are the days of college idiots writing “joke” programmes that were easily solvable. Make no mistake, I’ve been around computers since my old IBM 386 and these issues are becoming ever complex. In addition, it is my belief that no one [1] security solution is a “magic bullet”. In my opinion, it takes a combination of security suites, security tactics, and wisdom. I will now take some time to expound on the last point of wisdom. I have a theory that security suites such as McAfee/Norton will primarily derive statistics from developed nations i.e. Canada, US, UK, and Australia. However, the majority of viruses are stemming from third/fourth world countries. What am I getting at? Simple. If, in Google, I see a link ending in .ge (Georgia near Russia) I am not clicking that link because I acknowledge the universally accepted theorem of limited definitions that center from security programmes in developed countries. The precept of the aforementioned as I have coined it is referenced simply as, “the principle of geographic constraints”. Also, if you think you are clicking on something for one thing, but, when you scroll over it you are being directed to something completely un-germane, don’t do it. Do not download anything with ‘hot’ or similar phraseology in it.
08-13-2012 02:53 PM
soj:
> Quite properly, Norton should do nothing if a remediation attempt would risk removing system files
> that would make the machine unbootable. Norton does make some tools specifically designed to remove
> certain major infections, but the problem is that the malware changes tactics so frequently
> that the tools are not always effective against the very latest variants. That is why
> individualized removal efforts are often necessary, and why Quads requests logs that show
> exactly what the infection has done before he attempts to cure it -
> this week's patched file may be completely different than last week's
That reply concerns me.
"Quite properly" Norton should NEVER "do nothing."
95% of computer users cannot remove the current trojan/rootkit problems by themselves (of the type that are filling this forum).
Worldwide, how many users are there of NIS and 360? Certainly hundreds of thousands. Maybe a million (worldwide)?
I'd guess that less than 1% of all those NIS/360 customers use this forum.
How many customers have this trojan/rootkit problem?
The number of posts in this forum is a clue.
The number (because of Norton's market share) has to be huge.
Now extrapolate and do the math.
One guy -- Quads -- a computer genius and a hero, is supposed to support _all_ of Symantec's customer base?
WHAT IS SYMANTEC _DOING_ TO HELP ALL THOSE CUSTOMERS WITH TROJANS AND ROOTKITS ON THEIR COMPUTERS?!
Emphasis on the word "doing."
Meaning action, not talk.
Not posts in a forum.
Action that results in the _removal_ of the malware that infests their many customers' computers.
> Quite properly, Norton should do nothing if a remediation attempt would risk removing system files
I agree with that statement in theory. In practice, Norton should do remediation that a) fixes the problem and b) _of course_ does not "risk removing system files." Do it right.
> the problem is that the malware changes tactics so frequently
> that the tools are not always effective against the very latest variants.
Is that a rationale for never doing anything?
If not nothing, then what should Symantec be doing?
And what is Symantec actually doing?
> individualized removal efforts are often necessary
Who else is doing this?
(For the people who have already paid their money to Symantec.)
08-13-2012 03:07 PM
A list of other sites where free help is available.
http://www.bleepingcomputer.com
http://www.geekstogo.com/forum/
http://www.cybertechhelp.com/forums/
http://forums.whatthetech.com/
Because of the way the threat is changing, today's solution cannot be used on a computer infected last week, nor will it solve the problem for a computer which will become infected next week.
This is the situation facing the programmers who are trying to write a solution which can be released to all users and which will do the job correctly. Once they find the key, if there is one, they may be able to accomplish this task. Until then the folks at the sites listed above and Quads, along with those who are active on the foreign language sites will be very busy and most deserving of our gratitude and thanks.
08-13-2012 05:54 PM - edited 08-13-2012 05:55 PM
joen wrote:
soj:
> Quite properly, Norton should do nothing if a remediation attempt would risk removing system files
> that would make the machine unbootable. Norton does make some tools specifically designed to remove
> certain major infections, but the problem is that the malware changes tactics so frequently
> that the tools are not always effective against the very latest variants. That is why
> individualized removal efforts are often necessary, and why Quads requests logs that show
> exactly what the infection has done before he attempts to cure it -
> this week's patched file may be completely different than last week's
That reply concerns me.
"Quite properly" Norton should NEVER "do nothing."
Hi Joen,
Let me try to put this in perspective. First I will state that though Quads is one of the best if not the best out there he is certainly not the only one who can deal with these infections. In addition to what Dick mentioned Symantec has their own malware removal experts to deal with these infections.
But really I wanted to clarify another aspect of this. When SOJ mentioned that Norton should do nothing in such cases, what he is referring to is that obviously if Norton cannot SAFELY remove the infection (which is particularly problematic when it comes to CORE system files) then the software certainly should NOT attempt to remediate the infection anyway.
What Norton can and should do is this. If Norton cannot safely remediate (remove, neutralize, choose your word) it should certainly alert the user to the fact they have an infection that requires expert assistance to deal with - if it is in fact at least able to DETECT it.
Hope this clarifies a bit.
Best wishes.
Allen
08-13-2012 06:00 PM
I'm new here but read most of this thread and feel like at the very least, Norton can hire more people to respond to questions on this forum. There is no reason that Quad should have to do all of the work as a volunteer. If there were 10 Norton employees writing scripts and helping users who post here, it would help tremendously. When I called Norton they wanted me to pay $99 to clean the viruses on top of my subscription fee. I thought that was insulting. Norton should stand by its product and if a virus gets through there should be people here to help. Just my 2 cents.
08-13-2012 06:14 PM
tosh wrote: I'm new here but read most of this thread and feel like at the very least, Norton can hire more people to respond to questions on this forum. There is no reason that Quad should have to do all of the work as a volunteer. If there were 10 Norton employees writing scripts and helping users who post here, it would help tremendously. When I called Norton they wanted me to pay $99 to clean the viruses on top of my subscription fee. I thought that was insulting. Norton should stand by its product and if a virus gets through there should be people here to help. Just my 2 cents.
Hi Tosh,
Welcome to the Norton Community.
Please do not take what I am about to say the wrong way.... The reason Symantec cannot typically do virus removal for free is because, despite having Norton security software, users do many times get infected because of something they do online or via launching email attachments, etc., that no security software in the industry can always protect against. For example, one can download and run a questionable executable program or installer and sometimes even bypass or override Norton when it basically asks "Do you really want to do this?"
There are cases where the user themselves gives implicit or explicit permission for that program to run and thereby causes a resultant infection.
Norton should and always does make every attempt to alert the user that what they are about to do is questionable but in the end if the user overrides this and chooses to move forward anyway, Norton can do nothing about it.
If Symantec had a blanket rule that they would remove all such infections for free they likely would not be in business long and I don't know of any company out there who will make this kind of guarantee.
Secondly, since there are always new variants popping up for which all security software has to play "catch-up" there is always going to be the risk of something slipping through before Norton has discovered and made code changes to deal with the new malware. Again I don't know of any company out there who guarantees that their software will catch everything - it would be a recipe for disaster if they did.
Please don't misunderstand me though. I am not by any stretch implying that you or any specific individual has created their own problem but rather stating that this is one of the more common routes of infection.
Hope this helps.
Best wishes.
Allen
P.S. The Norton Community is primarily a user to user forum though there are certainly a lot of Symantec employees who monitor and provide assistance to the end users.
08-13-2012 06:24 PM
Hi AllenM,
I understand your point but there are plenty of options between having the blanket rule of fixing viruses that you mentioned and the completely hands-off approach that Norton currently takes with regard to cleaning off viruses. I for one, did not have any warnings from Norton 360 when my computer was infected and I suspect many people who are being hit with this "rash of trojans" are in the same boat. I never had a virus before this. So now I have no way of fixing it without paying $99 which I cannot afford. At the very least there should be more people like Quad who is nice enough to do this on his own time. I only hope he finds the time to help me with my problem but I do not expect him to considering the huge number of people having problems and the fact that he is one person. I just wish Norton would at least do the best they can to address problems.
Tosh
