Norton Anti Virus is defenseLESS against banbot ! NAV IS TOTALLY USELESS !!

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I have Norton Anti Virus installed in my PC, however, I just found out
that it is utterly useless.

My PC has been infected with banbot, but NAV can't even find it, let
alone remove it !

It isn't that Symantec doesn't know about banbot, they have 2 webpage
devoted to it --

www.symantec.com/security_response/writeup.jsp?docid=2007-091318-2239-99&tabid=2

and

www.symantec.com/security_response/writeup.jsp?docid=2007-091318-2239-99&tabid=3

and yet

Can anyone please tell me if there's any utility that can help me
getting rid of banbot?

Thank you !

Re: Norton Anti Virus is defenseLESS against banbot ! NAV IS TOTALLY USELESS !!

Penang wrote...

Quoted text here. Click to load it
www.symantec.com/security_response/writeup.jsp?docid=2007-091318-2239-99&tabid=2
Quoted text here. Click to load it
www.symantec.com/security_response/writeup.jsp?docid=2007-091318-2239-99&tabid=3
Quoted text here. Click to load it

"The Trojan may arrive as an attachment of spammed email. The email
contains either an .RTF or a .DOC file that contains an embedded
executable file which must be double-clicked to run. This embedded
executable file is detected as Infostealer.Banbot.

At the time of writing, the .rtf file attached to the spammed email
contains the following text:
Microsoft Word has encountered a problem and needs to close. Please
double click to view the original file. scr."



Your computer requires "NewOwner.exe"
Can be found on EBay...






Re: Norton Anti Virus is defenseLESS against banbot ! NAV IS TOTALLY USELESS !!

On Thu, 6 Nov 2008 00:34:07 -0800 (PST), Penang wrote:

<snip>

Quoted text here. Click to load it

Clean HDD.
Click Start==>Run... then type (or copy/paste) "cleanmgr" (w/out quotation
marks into the box, then click the 'OK' button. Select your drive
(presumably WinXP (C:) and click OK.

Clear the (IE) temporary Internet files and the history cache.
Click Start==>Run... then type (or copy/paste) "inetcpl.cpl" (w/out
quotation marks) into the box, then click the 'OK' button.
In Internet Properties panel 'General' tab, under 'Browsing history', click
'Delete...'button, in 'Delete Browsing History' panel, click the 'Delete
all...'button then place a checkmark into the box beside 'Also delete files
and settings stored by add-ons', Click 'Yes' and exit the Internet
Properties panel by clicking the 'OK' button.

Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html

Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Please, do not post HJT logs to this newsgroup.

Fora where you can get expert advice for HiJack This! (HJT) logs.

http://www.thespykiller.co.uk/index.php?board=3.0
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.tomcoyote.org/index.php?showforum=27
http://www.bleepingcomputer.com/forums/forum22.html
http://www.malwarebytes.org/forums/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.theeldergeek.com/forum/index.php?s=2e9ea4e19d3289dd877ab75a8220bff6&showforum=29

NOTE:
Registration is required in any of the above mentioned fora before posting
a HJT log and read the 'stickies'  (instructions/guidelines) for the
respective HJT forum.

Good luck :)


Re: Norton Anti Virus is defenseLESS against banbot ! NAV IS TOTALLY USELESS !!


Quoted text here. Click to load it

I can't comment on NAV, malwarebytes antimalware might be able to assist
you. You can give it a try:

http://www.malwarebytes.org


--
Regards,
Dustin Cook
Malware Researcher
MalwareBytes - http://www.malwarebytes.org
  


Re: Norton Anti Virus is defenseLESS against banbot ! NAV IS TOTALLY USELESS !!


| I have Norton Anti Virus installed in my PC, however, I just found out
| that it is utterly useless.

| My PC has been infected with banbot, but NAV can't even find it, let
| alone remove it !

| It isn't that Symantec doesn't know about banbot, they have 2 webpage
| devoted to it --

They might know about the family but if there is a new variant, it can remain
undetected.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Norton Anti Virus is defenseLESS against banbot ! NAV IS TOTALLY USELESS !!

wrote:

Quoted text here. Click to load it

Congratulations. You just discovered what security experts have known
for many years. This applies to all AV products though, not just
Norton.

Quoted text here. Click to load it

Of course not. What makes you believe that malware would let
anti-malware get in its way?

Quoted text here. Click to load it

Utility??? - As you say, you have been infected. So now you must
revert to a known clean state - which ultimately means flatten and
rebuild.

Re: Norton Anti Virus is defenseLESS against banbot ! NAV IS TOTALLY USELESS !!

wrote:

Quoted text here. Click to load it


I don't know that I would call it "useless" although it is not favored
by many, myself included. But, since you chose to use it have you
contacted Symantec tech support?

Site Timeline