locked
Symantec 360 RRS feed

  • Question

  • Now I feel foolish - I had been using WLOC since it was released. It worked for me and never had a problem. Just didn't like not being able to turn items off without getting the red icon. I didn't like the backup mostly. So in December I read the reviews of the 2008 Security Suites. They gave Symantec raving reviews as always, but it looked like they cleaned up their act. So I purchased Symantec 360 - it was OK but slow. Anyway, it had only been running 3 weeks when I get infected with the win32.Netsky worm. 360 didn't tell me this, but Microsoft did.

    That was three days ago, my new Dell XPS just arrived yesterday and now trying to decide if I should go back to WLOC - obviously Symantec didn't work :-). I have never had a virus or a worm and here I get one after only three weeks.

    Saturday, January 19, 2008 10:40 AM

Answers

  • DXEngineer;

     

    Obviously Symantec and Microsoft are going to have different anti-virus databases.  Why not use both?  You can install one product and use the on-line scanner of the other to have the advantages of having both databases to draw on.  Then it's simply a matter of deciding which installed product is more to your liking:

     

    http://onecare.live.com/site/en-us/default.htm

    Saturday, January 19, 2008 8:02 PM

All replies

  • DXEngineer;

     

    Obviously Symantec and Microsoft are going to have different anti-virus databases.  Why not use both?  You can install one product and use the on-line scanner of the other to have the advantages of having both databases to draw on.  Then it's simply a matter of deciding which installed product is more to your liking:

     

    http://onecare.live.com/site/en-us/default.htm

    Saturday, January 19, 2008 8:02 PM
  • Thanks Dave;

    My surprise is that the netsky worm is old, so it should have been in all the databases by now, I think. I didn't think it was such a good idea to have to running at a time. As i said, I was happy with one care, I was just convinced that 360 would be better, guess not. Netsky usually enters through email, I am very good about not opening attachments from people or places I don't know - sometimes from people I do know. Just depends what is on the attachment. So I am puzzled about how this got into my system. Could have been through an active X component. But I noticed when I came to this site today that there have been quiet a few infections from Netsky lately.

     

    Saturday, January 19, 2008 8:23 PM
  • You're welcome,

     

    There is no problem with running two signature based AVs as long as you don't scan concurrently, and only one of them is an installed application running in real-time.  I don't really know why Symantec would have missed your's, since they do detect at least 13 variations of Netsky and have a standalone removal tool for it:

    http://www.symantec.com/security_response/writeup.jsp?docid=2004-021816-1759-99

     

    I always suspect false positives unless several security products detect the same infection, on the other hand Microsoft seems to have around 152 variations of Netsky in it's database, so Ms may have more comprehensive data on that particular family than Symantec:

    http://www.microsoft.com/security/portal/SearchResults.aspx?query=netsky

     

    If you haven't removed the infection yet, it would be a good (perhaps enlightening) idea to pass it through Virus Total for some comparatives:

    http://www.virustotal.com/
    Saturday, January 19, 2008 9:01 PM