Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Microsoft Anti-Spyware Removes Norton Anti-Virus

  1. #1
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171

    Microsoft Anti-Spyware Removes Norton Anti-Virus

    An anonymous reader writes "According to a story over at Washingtonpost.com, the latest definitions file for Microsoft's Anti-Spyware beta flags Symantec's Norton Antivirus products as a password-stealing trojan and prompts users to delete portions of the program. Users who follow the instructions hose their installation of Norton, requiring delicate Windows registry edits and a complete removal/reinstall of Norton. Microsoft's support forum is quickly filling up with complaints about this problem, many from businesses that have been pretty hard hit. This should be a cautionary tale about deploying beta products in production environments."

    http://it.slashdot.org/article.pl?si...59232&from=rss
    Slashdot | Microsoft Anti-Spyware Removes Norton Anti-Virus

  2. #2
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha!!!!!!!!!
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Yes it is rather amusing, as are the readers' comments on the thread that was posted.

    However:

    Microsoft's support forum is quickly filling up with complaints about this problem, many from businesses that have been pretty hard hit. This should be a cautionary tale about deploying beta products in production environments."
    I have three comments:

    1. If you have any idea and experience of beta testing security products, you always treat their findings with a degree of circumspection. You should expect false positives

    2. In a business environment, when a "password stealing trojan" is reported, your first question should be "how in hell did it get in here?" and do some research on it. That would tell you what the files really were, and you would then scan them with other products for confirmation.

    3. it doesn't say very much for Microsoft's pre-release testing does it? And this is a beta, so there should not be the same time pressures for releases? Anyway, Norton isn't exactly what I would call an obscure product, so it should be in their test environment, given that conflicts between security products are common.


  4. #4
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    Heh heh heh, now if you are like me.....you would consider Norton to be Malware and not be surprised at all that it was picked up.

    I really don't like Nortons or how hard it is to completely remove from a computer after it has been installed on it.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  5. #5
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    In my experience, in a small business business environment, when a "password stealing trojan" (aka keylogger) is found, the first question is actually "What is a keylogger?". Users have no clue. In fact, I had a client call me last Monday asking me what it meant when Norton's finds a keylogger. This is a guy who trades tens of thousands of dollars worth of stocks daily from that computer. I explained to him what a keylogger is and that he should get it off his PC asap. He told me Norton's was blocking it and when I pressed him for the exact message Norton's was giving him, he couldn't recall exactly what it was, or anything more specific that Norton's may have told him. He then told me he figured it was related to a program, VNC, I had installed days earlier for him. I called him Wednesday just to follow up and he said the keylogger was now showing up on his laptop, the one he does his company's accounting on. When I talked to him again on Friday and asked him if there were anymore messages from Norton's, he said there were none and he figured the keyloggers were gone. Ce la vie?

    This guy blew off my suggestion to do an online AV scan. He apparently feels more threatened by looking stupid or having to pay someone than he does by a rogue program hiding on his
    PC recording all his keystrokes. I see this chit week in and week out.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi brokencrow

    Your story is oh so familiar! I get exactly the same myself the point is that they call US rather than the AV provider or Microsoft.

    What sort of rang alarm bells for me, and prompted my comment was:

    1. They were running a beta of a security product. To do that they would have to know about it, find it, then download and install it.

    2. The complaints were appearing on the Microsoft Support Forum.

    Now, neither of those circumstances fit the profile of the users that you describe. The guys we deal with wouldn't be able to do #1, and would not know that #2 existed?

    This suggests at least partially computer literate people, and is frightening because it implies they know how to do something, but not what it is that they are doing

    A little learning is a dangerous thing..........
    or something like that?

  7. #7
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    He-heh, nihil, I wasn't taking you to task. Those are all good points you raise. As for "partially computer literate people", they probably have been some training, which is too bad. Folks who are trained often suffer diminished cognitive abilities.

    Like I'm fond of saying, "Training is what you do with your dog."

    “Everybody is ignorant, only on different subjects.” — Will Rogers

  8. #8
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi brokencrow

    He-heh, nihil, I wasn't taking you to task
    I know that you were not, we were just "crying in eachother's beer" (sharing bad experiences)

    On reflection, the totally illiterate are probably preferable? at least they tend to ask us first and pay for it, rather than screw up and expect us to fix it for nothing

    Cheers

  9. #9
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Yeah, the comments at Slashdot are hilarious (I need a laugh). I'm reminded of a wannabe tech who was explained to me once why he didn't like HijackThis. He told me it always screwed up Windows so bad when he removed EVERYTHING it found, he had to reinstall. YAR!
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  10. #10
    Greeting's

    {OFFTOPIC}

    With BLACK TUESTDAY having 7 patches with 5 *CRITICAL* and now this I think Microsoft is just commited to give us a VALENTINE gift but sadly bill style

    /{OFF TOPIC}
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •