|bd| Playing with Malware

Posted by bendodge on Nov. 18, 2009, 3:23 p.m.

So, this morning I was reading tech blogs and found a nice Tech Republic article noting the Google search query allinurl:albums/bsblog/category <<Dangerous!

All those sites (except the top result) contain a css.js file that will redirect you to a scareware download site only if you are referred by Google.

One of my coworkers, Justin, happened to have just installed Norton on a lab machine for testing purposes, so I passed it along to him. My desk machine has NOD32 (the only AV we sell) and it blocked even the download prompt for the dropper file.

Well, over on the Norton machine, we visited an attack site and got completely hosed. There wasn't a single warning. Now, I would have assumed that maybe the Symantec Lab was just a bit behind on their definitions, but Malwarebytes picked it up fine on roughly week-old definitions file.

I tried to find out what server the dropper was connecting to, but I guess I'm not geek enough. (Any Wireshark experts out there?) So I guess I'll have to be content with just uploading it to OffensiveComputing and moving on. What a circus! I sure hope none of you are using Norton…
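The question in the post about working out which server the dropper was talking to, answered as an added example that is not part of the original post or of any tool it mentions: a stdlib-only Python reader for a classic pcap file that lists the DNS names a sample looked up and the destinations of its outbound TCP SYNs, which is the first thing to check in a capture from an infected lab machine. The capture bytes it parses are constructed inside the block (10.0.0.5, 10.0.0.53, 192.0.2.10 and example.com are placeholder addresses and names, not values from the post), and the function names are my own.

```python
"""Summarise where a captured sample talked to, from a pcap file.

Added example, not from the original post: a stdlib-only pcap reader that
lists DNS query names and TCP SYN destinations. The capture at the bottom
is constructed here for demonstration; it is not a real capture.
"""
import socket
import struct
from collections import Counter

ETH_LEN = 14
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP, PROTO_UDP = 6, 17
TCP_SYN, TCP_ACK = 0x02, 0x10


def _dns_qname(payload):
    """Decode the first question name from a DNS message (queries carry no label compression)."""
    labels, pos = [], 12  # skip the 12-byte DNS header
    while pos < len(payload):
        n = payload[pos]
        pos += 1
        if n == 0:
            break
        labels.append(payload[pos:pos + n].decode("ascii", "replace"))
        pos += n
    return ".".join(labels)


def iter_packets(data):
    """Yield raw frame bytes from a classic little-endian pcap with Ethernet link type."""
    magic, _, _, _, _, _, linktype = struct.unpack("<IHHiIII", data[:24])
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected a little-endian pcap containing Ethernet frames")
    pos = 24
    while pos + 16 <= len(data):
        _, _, incl_len, _ = struct.unpack("<IIII", data[pos:pos + 16])
        pos += 16
        yield data[pos:pos + incl_len]
        pos += incl_len


def summarise(data):
    """Return (Counter of DNS query names, Counter of (dst_ip, dst_port) for outbound SYNs)."""
    dns, conns = Counter(), Counter()
    for frame in iter_packets(data):
        if len(frame) < ETH_LEN or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
            continue
        ip = frame[ETH_LEN:]
        ihl = (ip[0] & 0x0F) * 4          # IPv4 header length in bytes
        proto = ip[9]
        dst = socket.inet_ntoa(ip[16:20])
        l4 = ip[ihl:]
        if proto == PROTO_TCP:
            _, dport, _, _, _, flags = struct.unpack("!HHIIBB", l4[:14])
            # A bare SYN (no ACK) is a new outbound connection attempt by the sample.
            if flags & TCP_SYN and not flags & TCP_ACK:
                conns[(dst, dport)] += 1
        elif proto == PROTO_UDP:
            _, dport, _, _ = struct.unpack("!HHHH", l4[:8])
            if dport == 53:
                dns[_dns_qname(l4[8:])] += 1
    return dns, conns


# --- constructed sample capture (placeholder addresses, not real traffic) ---

def _frame(proto, src_ip, dst_ip, l4):
    """Wrap an L4 segment in IPv4 and Ethernet headers (checksums left zero; fine for parsing)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, 0, 64, proto, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + l4
    return b"\x00" * 6 + b"\x11" * 6 + struct.pack("!H", ETHERTYPE_IPV4) + ip


def _pcap(frames):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out


def build_sample_capture():
    """One DNS lookup, two SYNs to the resolved host, and the host's SYN/ACK reply."""
    qname = b"\x07example\x03com\x00"  # example.com, a reserved documentation name
    dns_query = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)
    udp = struct.pack("!HHHH", 40000, 53, 8 + len(dns_query), 0) + dns_query
    syn = struct.pack("!HHIIBBHHH", 40001, 80, 1, 0, 5 << 4, TCP_SYN, 8192, 0, 0)
    synack = struct.pack("!HHIIBBHHH", 80, 40001, 1, 2, 5 << 4, TCP_SYN | TCP_ACK, 8192, 0, 0)
    return _pcap([
        _frame(PROTO_UDP, "10.0.0.5", "10.0.0.53", udp),
        _frame(PROTO_TCP, "10.0.0.5", "192.0.2.10", syn),
        _frame(PROTO_TCP, "10.0.0.5", "192.0.2.10", syn),
        _frame(PROTO_TCP, "192.0.2.10", "10.0.0.5", synack),  # reply, ignored by the SYN filter
    ])


if __name__ == "__main__":
    names, destinations = summarise(build_sample_capture())
    print("DNS queries:", dict(names))
    print("TCP SYN destinations:", dict(destinations))
```

Against a real capture, call `summarise(open("sample.pcap", "rb").read())`; the SYN/ACK filter keeps the reply from the remote host out of the list, so only the sample's own connection attempts are counted. Wireshark shows the same information under Statistics > Conversations and with the `dns` display filter, and `tshark -r sample.pcap -q -z conv,tcp` prints the TCP conversation table on the command line.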

Comments

PY 14 years, 6 months ago

If you're using Norton you need to be reformatting anyway.

KaBob799 14 years, 6 months ago

Norton sucks.

Josea 14 years, 6 months ago

Quote:
If you're using Norton you need to be reformatting anyway.
I've heard that the latest Norton products are actually very good. Not that I'd pay for antivirus ever again though.

bendodge 14 years, 6 months ago

Norton has good detection rates in lab tests, but its real-life performance is poor.

For example, we had a heavily infected machine in here the other day with Norton on it. It had a lot of weird behavior that obviously indicated infection, so I ran the Norton remover in preparation for installing NOD32. That went fine, but after a reboot the infection symptoms were so bad that I couldn't even open task manager! Norton had actually been hampering the malware, but it should have prevented it in the first place or at least cleaned it.

NOD32 and MBAM cleaned it fine, after I managed to get DTaskManager running and regained control of the system.

Alert Games 14 years, 5 months ago

I'm still using AntiVir (9). I haven't had any problems so I didn't feel the need to change so far.

And yes, first thing I did when I got my laptop: removed Norton.

bendodge 14 years, 5 months ago

We find AntiVir to have very good heuristics and a low memory footprint, but those heuristics come at a high CPU price.

$.02

Josea 14 years, 5 months ago

No antivirus is going to protect anybody in real time. The only program that can protect you in real time is your brain.

There, I said it.