I only ever had it with one site, and that was a wordpress site, and in fairness norton was correct, the site had been hacked and redirected users all over the place, funnily enough just today I had another old wordpress site get hacked the same way, although Norton has not picked up that one yet.
I actually do not know how other people handle stuff like this, i mean in the last decade I could have 300 websites that I have had something to do with, that I do not touch ever again, as with WordPress sites the client uses the CMS to keep it up to date. Everytime WordPress comes out with an update I am not going to go and update 300 WordPress installations and all their plugins, so every now and again I am going to get a hacked one.
Even my Wappler sites, when a Wappler or DMXZone update comes out I never go open all my old sites and republish to give them the updates, does anyone else do this.