Comments on: Symantec Admits Rootkit Usage in SystemWorks

by: Erik

Wed, 18 Jan 2006 21:02:10 +0000

Poorly researched article. The hiding never prevented a virus scan from scanning the contents. The comment of how long it would take a virus writer to take advantage is absurd. I know of about 50 viruses that have tried to use this folder, but not one has ever been able to “take advantage” fo this folder. It’s not a Rootkit and never has been. The definition of a rootkit is the following:
“A rootkit is a component that uses stealth to maintain a persistent and undetectable presence on the machine. Actions performed by a rootkit, such as installation and any form of code execution, are done without end user consent or knowledge.

Rootkits do not infect machines by themselves like viruses or worms, but rather, seek to provide an undetectable environment for malicious code to execute. Attackers will typically leverage vulnerabilities in the target machine, or use social engineering techniques, to manually install rootkits. Or, in some cases, rootkits can be installed automatically upon execution of a virus or worm or simply even by browsing to a malicious website.

Once installed, an attacker can perform virtually any function on the system to include remote access, eavesdropping, as well as hide processes, files, registry keys and communication channels. ”

The NProtect folder does not fit this definition at all.

by: crue_30

Tue, 17 Jan 2006 15:19:32 +0000

A couple of good friends and I run a tech shop and we spend MANY tediuos hours a week (while customers are paying good money) to remove Norton from machines. It simply isn’t doing it’s job. The virus protection is missing many things and the internet securities package renders a simple office network machine almost useless. System Works has some nice features but windows has all those tools built in, you just have to take the time to learn how to use them. You also pay, what I call the ultimate price, when installing system works…..most of your system resources. This stuff makes an average machine crawl!!! To fins out that Norton is using a rootkit is just an “AH-HA” for me. This article will be made poster-size and posted all over my shop. There are GOOD tools out there that are free and do the job much better than Norton. Letting them continue to ride high in the future on the name they built for themselve back in the late 80’s and early 90’s can stop now. Force them to become good again because theyre product is inferior and has been for several years now. In my opinion, Ghost is the only product they have thats worth purchasing. With the release of Windows XP, PC Anywhere is obselete as well. Anti-Vir and some good spyware removing tool working aside a hardware router with a little bit of know-how is all you need!

by: Bob Deloyd

Mon, 16 Jan 2006 08:07:43 +0000

When someone comes to me with a slow computer to fix, one of the first things I do is get rid of Norton and put AVAST on!! Norton is bloatware!!!! //bob

by: Aidle

Sat, 14 Jan 2006 14:05:25 +0000

Cute….
Wonder what the function of having rootkit and product activation? But anyway which version of SystemWork is having rootkit really make everybody puzzle.

by: Security expert

Fri, 13 Jan 2006 18:19:27 +0000

Guys this IS a rootkit, here is the definition of a rootkit.

A tool intended to conceal running processes, files or system data. (that hooks into the OS in a nonstandard way)

Seems it falls into that category, concealing files….

by: Computerworld Blogs

Fri, 13 Jan 2006 13:27:25 +0000

Symantec fesses up (and Seuss turns in grave)

In today’s IT Blogwatch, we look at doing the rounds with Symantec Rootkit. Not to mention the scientists in Taiwan who claim to have bred green, glow-in-the-dark pigs — next stop: green eggs… [You’re fired - Ed-I-am.]

by: dave c

Fri, 13 Jan 2006 07:49:28 +0000

www.avast.com is better than Norton

by: Nate

Fri, 13 Jan 2006 03:37:16 +0000

Mcafee is just as slow and heavy, go AVG, even the free version works twice as good as the other two.

by: Michael Santo

Fri, 13 Jan 2006 03:12:27 +0000

I used to use Norton also. Heck, it was the biggest! But when they started activation … forget it. I will only use activated software if forced (e.g., Windows XP). Plus, I’d seen reputable reviews / tests that indicated how bloated and slow the software was. As a gamer, I want good protection, but minimal impact. So I switched, and I’m much happier.

by: Mike

Fri, 13 Jan 2006 02:36:20 +0000

I used to like Norton, but in the last few years of trying to repair virus infected computers, I always find Norton Anti-virus software damaged/corrupted and impossible to remove. They have a pretty extensive history of having incomplete removal software, often requiring tedious manual file and registry deletions.