Norton Strangeness

  • Thread starter Thread starter DM
  • Start date Start date
D

DM

I was running Norton 2004 on XP Home SP2 (not my choice, it was a friend of
a friend) and after it detected 37 viruses it only deleted 4 of them.
Rebooted into safe mode, re-ran scan and it only deleted 3 of the remaining
33! However, I was able to delete them using windows explorer so it was not
because they were in use (or in system restore).

I never thought much of Norton but this was mainly to do with bloat but is
there any reason why Norton would not delete these viruses in safe mode? -
It does seem to defeat the purpose of anti virus software if it refuses to
delete the viruese it has found.
 
DM said:
I was running Norton 2004 on XP Home SP2 (not my choice, it was a friend of
a friend) and after it detected 37 viruses it only deleted 4 of them.
Rebooted into safe mode, re-ran scan and it only deleted 3 of the remaining
33! However, I was able to delete them using windows explorer so it was not
because they were in use (or in system restore).
Click to expand...

What a horrible ordeal - do you have counselling for survivor guilt? :)
I never thought much of Norton but this was mainly to do with bloat but is
there any reason why Norton would not delete these viruses in safe
Click to expand...
mode?

Possibly, but you haven't told us what (viruses?) they were or where
they were located (cab files, mail folders?)
It does seem to defeat the purpose of anti virus software if it refuses to
delete the viruese it has found.
Click to expand...

The purpose of anti-virus software is to detect the presence of malware
in its purview within (mostly) files. They added the ability to identify
and remove some of what is found - but that does not make the inability
to do so defeat its actual purpose.
 
Roger Wilco said:
What a horrible ordeal - do you have counselling for survivor guilt? :)
Click to expand...

I've seen worse - someone at work asked me why their email was not working.
It turned out they had poured 1/2 a cup of tea in the keyboard!!!
mode?

Possibly, but you haven't told us what (viruses?) they were or where
they were located (cab files, mail folders?)
Click to expand...

There were some inside zip files but the rest were ordinary files. None were
in mail folders. Most appeared to be trojans - they have a teenage daughter
who is into downloading music files.
The purpose of anti-virus software is to detect the presence of malware
in its purview within (mostly) files. They added the ability to identify
and remove some of what is found - but that does not make the inability
to do so defeat its actual purpose.
Click to expand...
I was just surprised that as Norton tried to delete the files it was unable
to do so despite there being no reason why they could not be deleted. I knew
how to delete them (I'm the sysadmin at work) but as Norton is aimed at
ordinary users most of whom would not know how to, or be afraid to delete
something they don't know about.
 
DM said:
:)

I've seen worse - someone at work asked me why their email was not working.
It turned out they had poured 1/2 a cup of tea in the keyboard!!!
Click to expand...

I bet that information didn't come out easily. Most users will try to
make you believe they did nothing to cause a failure. They are in fact
happy that viruses exist to take the blame. :)
There were some inside zip files but the rest were ordinary files. None were
in mail folders. Most appeared to be trojans - they have a teenage daughter
who is into downloading music files.
Click to expand...

As for archive files and other container files the AV might not be able
to delete only the malware file from them, so they don't attempt it.
They won't delete the whole thing because the user may still want the
other content. Some trojans aren't covered in the removal feature of the
AV because they are not specifically identified - only detected. In that
case you follow the generic instructions for manual removal. Actually,
it is a bonus that any automatic removal at all is offered.
I was just surprised that as Norton tried to delete the files it was unable
to do so despite there being no reason why they could not be deleted.
Click to expand...

There probably was a reason, we just don't know what it was yet. :)
I knew
how to delete them (I'm the sysadmin at work) but as Norton is aimed at
ordinary users most of whom would not know how to, or be afraid to delete
something they don't know about.
Click to expand...

That is sort of funny when you think about it - the main thing that the
average user is incapable of is the detection of malware. Most are
capable of not executing it or even deleting it as it arrives.
Prevention is relatively easy aside from the problem of detection - and
that is the reason they (and we) need AV scanners. If they need to
delete something that the OS or resident malware is "protecting", some
even know how to "clean boot" and delete from there. But alas - AV has
become a crutch for doing all of the things that the users are actually
quite capable of doing for themselves yet can't be bothered to make the
effort.

Now we're stuck with the mindset that "removal" is the essential part of
an AV product and executing malware is no problem because you can run a
removal tool after the fact. E-mail vector worms (and blended threats)
make their mark by using the time allotted them between their release
and the removal tools' appearance.

Sorry for the rant - but I feel better now. :))
 
Back
Top