Not what you were looking for? Ask our experts!
Reply
Contributor
BinHock
Posts: 11
Registered: ‎12-23-2008

how does it work?

Regarding blocking worms and virus? I use Norton AntiVirus2008. So lets take the example of

 

W32.Waledac

 

I see today that Norton/Symantec has been able to detect this and that it usually comes via an e-card.

So lets say I just updated the defs for my NAV2008. So now I get an ecard with this attachment. So like an idiot I open it. But the fact that my defs are updated to block this (assuming it hasn't mutated), tehn i most likely would not get infected?

Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: how does it work?

[ Edited ]

BinHock wrote:

Regarding blocking worms and virus? I use Norton AntiVirus2008. So lets take the example of

 

W32.Waledac

 

I see today that Norton/Symantec has been able to detect this and that it usually comes via an e-card.

So lets say I just updated the defs for my NAV2008. So now I get an ecard with this attachment. So like an idiot I open it. But the fact that my defs are updated to block this (assuming it hasn't mutated), tehn i most likely would not get infected?


 

If you have e-mail Scanning on, it should Remove it from the e-mail as soon as you open it.  In some cases, it will Remove it before it even hits your In-box.

 

If you do not have E-mail Scanning on, you would get Infected, but Norton would Dectect it via Auto-Protect and hopefully it should Remove it.  If it does not, you can Ran a Manual Full System in Normal Mode and in Safe Mode.

 

You should have E-mail Scanning In-coming and Out-going Turned On.

Message Edited by Floating_Red on 12-24-2008 12:21 AM
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Contributor
BinHock
Posts: 11
Registered: ‎12-23-2008

Re: how does it work?

I use a yahoo based email rather than outlook. would that work the same?
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: how does it work?


BinHock wrote:
I use a yahoo based email rather than outlook. would that work the same?

 

Yes.
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Contributor
BinHock
Posts: 11
Registered: ‎12-23-2008

Re: how does it work?

and my original attempt using this example was to confirm that if bad item xyz version 1.0 is out there and Norton has added it to their updates and I added the update, then in theory I should not be infected or even be able to download through stupidity bad item xyz version 1.0. that the updated defs should protect me
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: how does it work?


BinHock wrote:
and my original attempt using this example was to confirm that if bad item xyz version 1.0 is out there and Norton has added it to their updates and I added the update, then in theory I should not be infected or even be able to download through stupidity bad item xyz version 1.0. that the updated defs should protect me

That is right.

 

Even if the E-mail Scanner does not Detect it, Auto-Protect probably will.  And, even if they both Miss it, you have got your on-demand, Norton Scanners.

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Contributor
BinHock
Posts: 11
Registered: ‎12-23-2008

Re: how does it work?

[ Edited ]

so keep updates updated :)

Message Edited by BinHock on 12-23-2008 04:47 PM
Contributor
BinHock
Posts: 11
Registered: ‎12-23-2008

Re: how does it work?

sorry somewhat new to this what would be the on-demand, Norton Scanners?
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: how does it work?

But please remember that, even if you do Download and Install Virus Definitions (V.D.s) for X.Y.Z.Z. Virus, for example, it may have changed to X.Y.Z.E. Virus, for example.  For example: If V.D.s are Released on Thursday, December 25, 2008, at 1500, and you Install the V.D.s at 2000, the Virus could have Modified it-self by that time, so it is really important customers Install V.D.s and other Signatures as soon as they become available.
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Contributor
BinHock
Posts: 11
Registered: ‎12-23-2008

Re: how does it work?

thanks and of course I wouldn't purposely download stuff like that. Just thinking extreme situations and how Norton protects us