Jump to content
xisto Community
evion

Symantec's Lame Responses

Recommended Posts

My sister's computer just got infected by some worm i guess that calls itself a process called "CCapps" the last time i saw it. When i went to the symantec website to find out more about it, i realized its a mass mailing worm which explains why my Norton anti-virus program keeps having stupid popups blocking all the mail the worm is sending out. Or at least, i think it is. The whole thing only stops when i go to task manager and end the process called ccapps but the whole process will start again a few minutes later. I tried using Ad-aware but of course it didn't work so i went to Symantec's website to find a solution. My lame solution was to disable system restore and do a full system scan with updated definitions. Now i vividly remember the days when Symantec's website used to provide small executable programs that would get rid of that specific worm itself. And Nowadays everytime i try to check up on removal instructions their all the same - disable system restore, update virus definitions, full system scan. I'm not saying its bad and all but come on, who would want to do a 2-3 hour long full system scan for a stupid virus/worm when you know what it is and you can delete it automatically with an executable program. Also, my issure of Norton has just expired and i cannot update the virus definitions. Luckily, i think system restore did the trick and removed it. Fortunately for me, the worm wasn't that of a threat and it didn't even bother with system restore at all and got erased when system restore "went back in time". I hope it doesn't appear again...

Share this post


Link to post
Share on other sites

that or switch over to Tren Micro Pc-Cillen, I run it now. I used to be a huge Norton promoter, but when I got my new job I got a "free" copy of Pc-Cillen and tested it out, gotta tell ya it scans a lot faster and uses a heck of a lot less overhead then Norton.Just my 2 cents.

Share this post


Link to post
Share on other sites

that or switch over to Tren Micro Pc-Cillen, I run it now. I used to be a huge Norton promoter, but when I got my new job I got a "free" copy of Pc-Cillen and tested it out, gotta tell ya it scans a lot faster and uses a heck of a lot less overhead then Norton.

Glad to see someone shares my point of view. I used to use Norton myself, but then one day, I reinstalled the system and decided to install the PC-Cillin (2002) that came bundled with my Motherboard. Absolutely no problems at all and the builtin firewall has never given me problems whatsoever. System is actually faster thanks to the low memory usage of PC-Cillin.

Share this post


Link to post
Share on other sites

i like McAfee Stinger the most. One small app for the most outrageous viruses.

+1 for Stinger, I use it each time my system behaves strangely.by the way, disabling the Windows system backup is a normal thing, because if you had a worm or a virus, it's backed up and will appear as you restore your system backup. Edited by yordan (see edit history)

Share this post


Link to post
Share on other sites

true but if you turn off the system restore and kill all of the restore points then turn it back on after cleaning the system then you can once again use the system restore feature as you wish...though I personally hate that feature of windows XP due to the fact that, as stated before, any virus or malware you have will be saved as well. Also there are some that will purposly hide in the windows restore points so that they can be reborn.

Share this post


Link to post
Share on other sites

My sister's computer just got infected by some worm i guess that calls itself a process called "CCapps" the last time i saw it. When i went to the symantec website to find out more about it, i realized its a mass mailing worm which explains why my Norton anti-virus program keeps having stupid popups blocking all the mail the worm is sending out. Or at least, i think it is. The whole thing only stops when i go to task manager and end the process called ccapps but the whole process will start again a few minutes later. I tried using Ad-aware but of course it didn't work so i went to Symantec's website to find a solution.
My lame solution was to disable system restore and do a full system scan with updated definitions. Now i vividly remember the days when Symantec's website used to provide small executable programs that would get rid of that specific worm itself. And Nowadays everytime i try to check up on removal instructions their all the same - disable system restore, update virus definitions, full system scan. I'm not saying its bad and all but come on, who would want to do a 2-3 hour long full system scan for a stupid virus/worm when you know what it is and you can delete it automatically with an executable program. Also, my issure of Norton has just expired and i cannot update the virus definitions. Luckily, i think system restore did the trick and removed it. Fortunately for me, the worm wasn't that of a threat and it didn't even bother with system restore at all and got erased when system restore "went back in time". I hope it doesn't appear again...


Ok first i want to apologize my english is a little weak but i will try my best.

Personally i see System Restore as a huge exploit that virus use to hide and restore themselves after deletion... what i do i keep system restore off and i keep a backup of my windows on my slave harddrive. Now about symanted ive always had a grudge for them and will stay loyal to freeware such as AVG and ANTIVIR. Now to remove a virus disable system restore restart your computer and press f8 go into safe mode and scan with ANTIVIRS once it detects it it should be able to remove it. i hope this works for you

Share this post


Link to post
Share on other sites

Which worm did it turn out to be? ccapps is deceptively similar to ccapp which is an integral Norton Antivirus process.

 

UPDATE: found out that it's the Kangaroo-B worm or NEVEG.B / NEVEG.C variant.

 

Hope you managed to clean it.

 

I recommend creating a disk image of a cleanly installed system with basic utils like media players , messnegers and other apps that you use most frequently. That makes it very easy and hassle-free to restore your system after any threat event has occured. No mess or fuss with re-installing stuff. I mean, who likes staring at progress bars for over 3-4 hours ?

Share this post


Link to post
Share on other sites

system restores must be off and purged of all its contets since the virus can be reboorn when the system is restored or even if it is being clean.a worm is a virus that most of the time do not require a host infected file. it will just put a call to itself either in your internet relay chain the ones use by all programs using the internet or windows explorer. this can also add itself on the bootloader sequence and make itself run while being booted. since windows have this new feature to load data from registry, a virus can hide in the system registry also. killing the process wont solve the problem since a program can have an emergency cleaning code which may be a call to the worm again. this can go on endlessly until system resource rans out.--yes there was a ccapp or is it ccapps memory resident agent for norton.--i personally hate the pc cillin AV, once it get infected, it will spread virus like wild fire. It also have a lot of false positives and on one of my installtion nag me that AVG antivirus and Trend Officescan are viruses.on one occasion it keeps on popping that i have a trojan that blocks my internet connection, funny thing is that i dont have internet connection since it is a remote computer station. --AVG is best or if you have cash go zonelabs netsuite.. it is better to prevent than cure..

Share this post


Link to post
Share on other sites

Ditto with what vhortex said. I have been using AVG for years now and absolutely love it. It doesn't use a lot of resources, pretty effective with frequent updates and has a free edition for personal use.I have recommended AVG to many of my friends who were previously McAfee or Norton users and they love the switch. I'm not saying that AVG is the best, which is why I usually ask users to go with a second opinion by running an online virus scan at sites like Panda, TrendMicro or BitDefender. All those online virus scanners are free to use and you can remove the viruses manually if any are found.Heard many horror stories about Symantec...tech support doesn't help most of the time since you have already tried whatever they suggest already.

Share this post


Link to post
Share on other sites

I've seen many Norton Anti-virus horror stories whilst working on computers. A few months back I saw a business taken down by a worm Norton didn't detect. What kind of reliability is that? As if it isn't enough that the damn thing smothers each and every system..norton has become trash, mcafee has stepped up not only their home solutions but have taken the enterprise market with the foundstone aquisition. With Mcafee shifting to the enterprise sector the microsoft AV software will take a much bigger chunk out of symantec on the consumer level. i am surprise of how long this company lasted. their product stinks!I have quit using Syamtec products about a year ago..

Share this post


Link to post
Share on other sites

Wow...haven't been checking the forums for awhile and my post raised so much discussion? The problem i posed is long gone now. There doesn't seem to have been another virus/worm attack at all. By the way, has anyone tried PC-Doctor before? It came pre-installed on my dad's laptop (bought it like 5-6 years ago) and it seemed to work perfectly during the first 2-3 years of use. Then we switched over to Norton, and it wasn't any better.

Share this post


Link to post
Share on other sites

AVG is great. but i have been having trouble with it trying to update over a shared network connection. it sometimes works, even tho it takes forever to get it configd, but even then sometimes it just drops off and decides there's no connection, but i'm still speeding away in explorer just doing regular browsing, so obviously the connection wasn't bad. BUT.... and here i go again, my very favorite antivirus is NOD32. I have yet to find a comparable (paid) AV that has a smaller memory footprint, and this also does a very fast complete system scan, as well as real-time protection and scanning that you hardly notice it's doing it. plus with a (so far) 100% detection rate, no computer i've installed it on has caught the virus, except for one computer of a friend who didn't update it for a year and then got caught out with the brontok worm. It's the total opposite of norton as far as system resource usage and speed. Plus, you get updates at least once a day.

Share this post


Link to post
Share on other sites

Wow...haven't been checking the forums for awhile and my post raised so much discussion?
The problem i posed is long gone now. There doesn't seem to have been another virus/worm attack at all. By the way, has anyone tried PC-Doctor before? It came pre-installed on my dad's laptop (bought it like 5-6 years ago) and it seemed to work perfectly during the first 2-3 years of use. Then we switched over to Norton, and it wasn't any better.


Thats true you havent been to forums for so many days but the problem still exists :( This Issue is not yet Over.

Share this post


Link to post
Share on other sites

Viruses are much nastier now and are learning a lot of tricks from spyware. It’s no wonder that you had to go through all of these steps. I have had several instances of spyware infections where I had no choice but to reformat because there was simply no cure.With root kits, polymorphism, and other nasties on the rise, it’s only a matter of time.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.