NAV vs Defender

G

Guest

Hi, Beta Travelers:

I just wanted to note the following for your protection. I have been using
Norton AV for many years and I was a Windows Defender Beta user as well until
yesterday when NAV informed me that I could no longer simply update my
subscription but had to buy NAV 2006 to continue to get protection from the
still thriving malicious hacker industry out there (wankers!)

I did this and installed NAV 2006 (with the usual incredible Nortonesque
difficulties - why is it after all these years no one seems to be able to
write a decent installation program for XP??) and discovered that NAV 2006
has Anti-Spyware built in so I uninstalled Windows Defender and ran a full
scan.

Much to my surprise, and although I had been running the latest Win Defender
build with up to date definitions and scanning my system daily, NAV did find
three high risk spyware programs on my system.

So this is my last communication with this group and I wish you well and
good luck, but you may want to look around yer hard disks for the following
evil doers which Win Defender is apparently incapable of spotting.

Pass it on, fans.

:blush:)>FLAtRich

Found yesterday (7/1/06) and noted in my NAV 2006 Log:

Source: Manual Scanner
Risk category: Adware
Overall Risk Impact: Medium
Performance: Low
Privacy: Low
Removal: High
Stealth: Medium
Click for more information about this risk : Adware.Purityscan
Action taken: Removed
Description: Affected areas:
1 Files:
C:\WINNT\system32\HKDSK~1.EXE - Deleted

6 Registry keys:
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4} - Deleted
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet
Explorer\URLSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Not detected
HKEY_USERS\S-1-5-21-429115175-2541319435-2214429306-1004\Software\Microsoft\Internet
Explorer\URLSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet
Explorer\URLSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Not detected
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet
Explorer\URLSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Not detected
HKEY_USERS\S-1-5-21-429115175-2541319435-2214429306-500\Software\Microsoft\Internet
Explorer\URLSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Repaired

Source: Manual Scanner
Risk category: Adware
Overall Risk Impact: High
Performance: High
Privacy: Medium
Removal: High
Stealth: High
Click for more information about this risk : Adware.Quadro
Action taken: Removed
Description: Affected areas:
6 Files:
c:\WINNT\system32\DnwEJ49.exe - Deleted
c:\WINNT\system32\Gpw2p.exe - Deleted
c:\WINNT\system32\Lkzrgzf.exe - Deleted
c:\WINNT\system32\Nfw8fU8C.exe - Deleted
c:\WINNT\system32\Pelus4.exe - Deleted
c:\WINNT\system32\Tepv.exe - Deleted

12 Registry keys:
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\Enable Browser
Extensions - Repaired
HKEY_USERS\S-1-5-21-429115175-2541319435-2214429306-1004\Software\Microsoft\Internet Explorer\Main\Enable Browser Extensions - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\Enable Browser
Extensions - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\Enable Browser
Extensions - Repaired
HKEY_USERS\S-1-5-21-429115175-2541319435-2214429306-500\Software\Microsoft\Internet Explorer\Main\Enable Browser Extensions - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Window
Restrictions\iexplore.exe - Not detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet
Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS\iexplore.exe -
Repaired
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\New
Windows\PopupMgr - Not detected
HKEY_USERS\S-1-5-21-429115175-2541319435-2214429306-1004\Software\Microsoft\Internet Explorer\New Windows\PopupMgr - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\New
Windows\PopupMgr - Not detected
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\New
Windows\PopupMgr - Not detected
HKEY_USERS\S-1-5-21-429115175-2541319435-2214429306-500\Software\Microsoft\Internet Explorer\New Windows\PopupMgr - Not detected

1 Additional areas:
Unknown - Deleted

Source: Manual Scanner
Risk category: Dialer
Overall Risk Impact: High
Performance: High
Privacy: High
Removal: High
Stealth: High
Click for more information about this risk : Dialer.SPlanet
Action taken: Removed
Description: Affected areas:
1 Files:
C:\WINNT\Downloaded Program Files\karaoke.exe - Deleted
 
T

Tom Emmelot

Hi FLAt,

did you ever did a full scan with Defender???

Regards >*< TOM >*<

FLAtRich schreef:
 
G

Guest

I was a longtime fan of "Snortin' Norton" but became disenchanted when the
cure seemed worse than the disease. Symantec has had several significant
vulnerabilities in both its retail product and its online scanner. It is
currently reinstated, but on probation on this site:

http://SecorConsulting.net/pages/security.html

Part of the "problem" you may have expereinced is Symantec's untimely
experiment with rootkit technology. In creating convenient hidding places
for its own software, it offers safe harbor for less savory things such as
malware. As a result, some of the hidden malware is able to escape detection
by other anti-virus and anti-spyware tools.

Symantec's fascination with rootkits and their convoluted method of
intertwing their products within the operating system could be their undoing.
You will find a Norton Removal Tool in plain sight on the above referenced
website. Without a great deal of targeted searching, it is nearly impossible
to locate on Symantec's.

May I suggest that you seriously consider using it. ;-)
 
R

robin

I agee, I was also a long time fan of "piggy Norton" up until 2 yrs ago when
they decided to get too big and slow down every computer i put the antivirus
on.
I did alot of reading and testing of AVG Free Antivirus and found that it is
not a memory hog like Norton and it actually finds more viruses and trojans
then norton does and worse- here is the kicker! they give it to you for
FREE.
It does everything the Pro version does except: you cannot use it with a
network (you need the pro version for that) you cannot set times and dates
for scanning (it scans every day but that is not a problem because you can
actually work while it is scanning- not just sit there and wait till the
scanning is done because you could not move a thing when norton scanned) and
there is no tech support but there are so many free forums out there that
will help you with AVG.

I have the pro version now with their Firewall which also is very good-
because I am networked but you buy it and it doesn't expire for 2 yrs not
like norton for 1- and you can trial it for one mth (norton is too "big" and
"snotty" to allow you to trial it).

On all my clients computers that are stand alone computers I put the free
version and none of them have had any problems with it. It is very user
friendly and a 5yr old (almost) can figure it out.
robin
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

HKEY_CURRENT_USER 7
Modify IE Registry Settings 0
Question About Setting Restricted Zone To ZERO Security 1
DSO Exploit 5
Cannot Remove DSO EXPLOIT found by Spybot 5
IE problems - all browser windows close for no reason and no warni 4
Limit on pop up sites? 3
CleverIEhooker.Jeird in internet registry 1

Top