What is Sweetpacks and why won't Norton 360 Stop and Fix it

Norton Security | Norton Internet Security
1

I have been infected with the Sweetpacks virus /malware /unwanted program / malicious software.

 

Nortons response appears to be it is not thier problem.

 

My research indicates Norton's directs you to other sites to remove the "not a virus" problem.  These sites, if I understand  direct you to install a competitor's product to remove the software.

 

Is this correct?

 

Why is Norton not addressing this?

 

When I do get it removed, will 360 Stop it in the future? 

 

If not, why not?

 

If not, why do I purchase 360?

 

 

2

Hi AbnRgr,

 

I would suggest posting in the new Malware Discussion board http://community.norton.com/t5/Malware-Discussion/bd-p/Malware

 

Start by reading the guidelines in the first post. Do NOT run any more scans, or use any utilities until instructed to do so by the Malware Expert (Quads).

3

If it is a Potentially Unwanted Program, PUP, Norton does not scan for these as some users actually want the program. These programs usually do not damage a user's system, although they are a PITA.

 

We often recommend secondary on demand scans with free versions of SuperAntiMalware or Malwarebytes to help with this kind of intrusions.

 

Just be sure you do not install the Pro versions, as those have real time scanning that will conflict with your installed security software.

 

 

 

4

Symantec should offer a separate downloadable solution to remove the Sweetpack malware.  The Sweetpack is not able to be deleted by the system because it is malware and such as, it takes over your browser and won’t let go. I used the Malwarebytes website to fix this. I firs ran the Malwarebytes program, then went into their forum and searched Sweetpack where I found a 4 step download to remedy the problem. It worked. Problem solved. Please Symantec, offer a solution to those who want it. Thank you.

5

Symantec should offer a separate downloadable solution to remove the Sweetpack malware.  The Sweetpack is not able to be deleted by the system because it is malware and such as, it takes over your browser and won’t let go. I used the Malwarebytes website to fix this. I firs ran the Malwarebytes program, then went into their forum and searched Sweetpack where I found a 4 step download to remedy the problem. It worked. Problem solved. Please Symantec, offer a solution to those who want it.

6
donvstheworld wrote:

Symantec should offer a separate downloadable solution to remove the Sweetpack malware.  The Sweetpack is not able to be deleted by the system because it is malware and such as, it takes over your browser and won’t let go. I used the Malwarebytes website to fix this. I firs ran the Malwarebytes program, then went into their forum and searched Sweetpack where I found a 4 step download to remedy the problem. It worked. Problem solved. Please Symantec, offer a solution to those who want it.

I agree that a one-stop AV would be great in the PC world but it doesn't exist.  I admit I had to rethink this fact several years ago when I thought that one AV suite is sufficient to provide 100% protection.

 

After reading a lot of positive reviews about MBAM and advice from the Norton gang here, I installed MBAM last Dec as a 2nd-opinion tool that focuses on malware.  I place my confidence in Norton 360 for protection against the virus threats as well as most malware threats.

 

Imo, the best approach for fast-fixes due to annoying intrusions is to have a scheduled full HDD backup scheme in place in addition to Norton and MBAM tools.  I also run unattended nightly full-system scans with Norton and MBAM.

 

I use the cloning approach, cloning every 6 weeks.  It's easy and doesn't require a lot of time.  It usually takes me about 1.5 hours to clone, which includes installing the cloned HDD to test it, booting it up, launching a few apps, then re-installing my original Source HDD.

 

It's paid off a few times over the years, after I had been hit with a particularly-pesky malware or virus that was taking too long for me to clean.  When that happens, I plug in my clone HDD and I'm back up running fairly fast.  Then I format the infected HDD and clone again to always have a backup HDD on the shelf.

 

One can also clone in the same way with a Laptop using an "Enclosure" that will clone via USB and eSata.

 

I have 2 of these installed in my Desktop Tower for cloning ease:

 

http://www.amazon.com/KingWin-KF-1000-BK-Single-Internal-SATA/dp/B00126U0VA

 

I have a similar Enclosure for my 2.5mm Laptop HDD for periodic cloning:

 

http://www.amazon.com/Acomdata-Tango-Enclosure-Obsidian-TNGXXXUSE-BLK/dp/B001XHELB8/ref=sr_1_1?s=pc&ie=UTF8&qid=1375535182&sr=1-1&keywords=esata+usb+enclosure

 

I posted this because I see numerous posts at the forum where users have been hit with those pesky intrusions that aren't easily removed.  I know that feeling, back in the days before I began scheduled full HDD cloning.

 

If someone's interested in cloning, my advice is to get into the habit of formatting the Target HDD before starting the cloning process.  I do that to make it (just about) impossible to select the wrong HDD as the Target HDD.  That will prevent a "face-palm" situation since that would format the Source HDD and then the user isn't a happy camper.

 

I use a free HDD utility tool and boot from a CD to format my Target HDD before booting my cloning utility,  In that way, all of the formatting & cloning steps are performed independent of the OS.

7

Scoop8

 

Cloning sounds like a great idea, similar to using imaging software. 

 

The only question that comes to mind is that I have seen Quads post here that some infections can survive even a HDD format.

 

Maybe Quads will see this and comment on your system of protection.

 

 

 

8

PUP's won't survive a reformat.

 

Quads

9
peterweb wrote:

Scoop8

 

Cloning sounds like a great idea, similar to using imaging software. 

 

The only question that comes to mind is that I have seen Quads post here that some infections can survive even a HDD format.

 

Maybe Quads will see this and comment on your system of protection.

 

 

 

Peter,

 

Thanks for the tip on this.  I've wondered about this as well, and I've done a pre-cloning "wipe HDD" action using a HDD freeware tool but it's a time-consuming process so I settled on the formatting approach.

 

I also have a 3rd cloned HDD that's several months old, sort of a "failsafe" HDD backup that I don't clone regularly.

 

I also run a twice-daily automated incremental backup using Acronis 2011, for those "must have" files, Qdata (Quicken data file), Outlook *.PST data files, and frequently-edited Excel files.

 

I've looked at Imaging and and am learning more about that approach.  There are pros & cons to each of the ideas.

 

Bottom line for me, is that I'm lazy *lol*   One thing that I don't like doing, in the event of having to replace a HDD, is having to reload the OS, then load all of my apps, etc, and then have to spend time customizing MS Office, etc.

10
Quads wrote:

PUP's won't survive a reformat.

 

Quads

Thanks Quads.

 

I was just wondering if cloning or imaging is able to clear the nasties you work with that do survive a format? Would the image restore go deeper on the HDD to overwrite the surviving malware?

 

 

 

11
Quads wrote:

PUP's won't survive a reformat.

 

Quads

Quads, Thanks for the info.

peterweb wrote:
Thanks Quads.

I was just wondering if cloning or imaging is able to clear the nasties you work with that do survive a format? Would the image restore go deeper on the HDD to overwrite the surviving malware?

That's a good question.

 

My understanding of this is that, the main difference between cloning & imaging is:

 

- Cloning copies the HDD bit-by-bit for an exact photo of the Source HDD.

 

- Imaging effectively does the same thing (if selecting a full-disc image) but it compresses the copy via a proprietary method.

 

Acronis uses a *,TIB extension method. From what I've been reading about Imaging in general, is that an advantage of that approach is that you can have multiple copies on a backup HDD, ie, an external drive.

 

However, since I've been digging into this lately, the compression ratio isn't what I had thought, at least with one recommended Imaging tool ("Macrium"). That tool apparently compresses by approx. 50% ratio.

 

When I began reading up on Imaging, I had a vision that I could store 5-10 full-disc images on say, a 2 Tb external HDD. When reading further about this, that's not typically going to work since video and photo files don't compress as well or as small as OS and other typical files on a typical HDD.

 

These are reasons that, so far, I've stayed with cloning until I can research the Imaging idea further and select a utility that may be more efficient than Acronis's Imaging method.

 

I'm happy with Acronis cloning.  It takes about 40 minutes to clone my 1 Tb HDD.  I've also used the freeware tool "Clonezilla".  That one, for me, took about 1 hr or a little longer.

 

I prefer Acronis since it's more user-friendly, with the gui screens, etc.  Clonezilla requires more caution, even with the "beginner" mode.  I didn't have any problems with it but it's mainly recommended for the more experienced user.

 

One advantage to me, with cloning, is the faster recovery time vs Imaging,  Recovering with a cloned HDD doesn't require booting up with the Imaging utility, then performing the "recover" action.

 

When I recently imaged my Source HDD using Acronis, the "backup" step took about 5 hours.  This is with Sata transfer speeds, using my Tower Sata hot-swap trays.