Norton Internet Security, Antivirus and 360 Being Retired?

It should at least cover registry changes and/or changes to OS/system files. Rest all I agree with - the aim is to get a functional system after removal of malware. Deletion of personal data/files does not interfere with functionality of the system.

 

I'm not at home right now, but I think it was Marhana_Sharma or something similar to that.

10 devices for $89 is one of the best multi-machine deals out, but for $40? It is the best deal out there. I just converted everything over the Norton yesterday, and it's running great. Everything feels snappier then when I had ESET on them. So Norton on the devices, and Trend on the Router, looks good from here.

 

Of course recovery of data can't be guaranteed, but this kind of policy opens a real can-o-worms for tech support. Customers can have a range of expectations as to what the security software and the support team should be able to accomplish. For instance can Norton Security prevent the various crypto malware from encrypting user data files or decrypt them after the fact? If not does that get you a refund? It's the guys/gals on the front lines that get to deliver the bad news

 

i have had to help a number of people get upgraded that are my normal clients. people are having a tough time getting many reps to upgrade their lic it seems. when i called i had no issues so i can not say the reason for this but so far i have been able to get more than probably a dozen people upgraded to the newest version. i was told no twice though and offered the same 50% off thing many say they are offered.

on another note is anyone finding it a bit to sensitive. it seems to like to flag a lot of things that are fp's and i am seeing an odd thing where it says something is detected and blocked but then get another box asking if i want to do anything with that same file it said it just blocked? i sent the info to them to see what they say.

 

except i paid only 30$ for the more then 20 boxed eset 5+5 packs when newegg had them on sale (i stocked up on those for that price) so i paid no where near 149.00. i agree though 40$ is pretty good but ill bet soon enough everyone will be able to get this kind of price or even cheaper from major places like staples and newegg etc..

 

$34.95 for the Eset's, I purchased a couple for my home a well. Anywhere else, deployment mandates enterprise solutions for the managed installs/updates/threat remediation. Nevertheless. But Norton is still the best deal around for that many devices without a code, but with it - the best deal factoring the 25gb of cloud storage.

No issues with it being finicky, and I have run scans on some machines with 3-4 TB's of data.
I actually like how the quarantine system works, and the expanded data, with option to submit without filling anything out.

 

Anyone else having slow shutdowns with NS or NSwB v22?

 

Nope. My Win 7 machine with NSwB shuts down normally, program up to date as of earlier today.

 

There are a number of posts on the Norton NS Forum complaining about this issue of slow shut downs-It is apparently a widely experienced problem.

 

Try running Adwarecleaner with this running once for me. On my machine it said the downloaded exe was ok but when I tried to run that exe it killed it.

 

None at all, in fact it is exceptionally light and speedy. But I run only Windows 8.1 or Windows 10 here. Perhaps NS is optimized for Windows 8X systems? That'd be great.

 

Yep, I'm well aware of those posts.

 

Staples.ca is selling NS (1 year-5 users) for $39.99.

http://www.staples.ca/en/Norton-Sec...iption-Bilingual/product_1278863_2-CA_1_20001

 

Good Morning! Attention K-Mart Shoppers...Aisle 4...Now the Pricing Hits The Street...Reality's Here! I'll check Staples Website when it's Up and Running. Thank's For the Heads Up Dark Hanzo...nice to see for once Canada's Taken the Retail Initiative. Sincerely...Securon

 

I just saw a new Utube Video of the new norton and it tested out real bad....
Norton Security 2015 review

 

Can you provide some more information so we can know which video you're talking about?

 

Uploaded by The PC Security Channel on Utube

 

I saw that, but have seen others where it has been great. Something seemed off it that test.

 

Strange test - something seems wrong with it, that one guy had bad results, but the other testers on Youtube had excellent results. One tester reported Norton blocked 92% malware at the gate via URL scanning, and 99.9% he tried to execute. Another tester on Youtube reported it blocked everything but one VB virus, but Norton prevented the VB from damaging the system. Speaking from an Enterprise side - and 2015 has most of the enterprise features, it's very rare for me to find an infection on a Symantec Installed machine setup using best practices. Aggressive Sonar, Aggressive Heuristics, and Download Insight set to 9 rather than 8. Without these settings I routinely found infected systems vs with these settings I haven't found one yet.

If you run 2015 now at home (and I do), I would strongly recommend increasing Sonar to Aggressive, Low Risk to Remove, Heuristic Protect to Aggressive, and Block Malicious Activity to Aggressive. All of these are either off, or set very low by default, and I consider them crucial to creating an effective, well protected system. I'd like to see a test with these set in this way.

 

What do these changes do to resource usage and false positives? I'd assume Norton choose the defaults for a reason.

 

The changes seem to not increase weight of the program at all.

False positives may increase, but very slightly, and on the average system they should still be rare. I have this setup on 10 machines here at home, and roughly 3,500+ machines in the MSP (the ones that run Symantec), and it hasn't been an issue yet. It seems to just increase Norton's posture, and awareness, but not make it overly paranoid.

Block Malicious Activity basically kicks Norton's already potent Firewall up into a mode where it carefully monitors BOT/WORM activity, and pays closer attention to traditional ports BOT/Worms tend to use. It also activates enhanced IPS/IDS signatures. So that itself is quite valuable.

One thing people are neglecting to discuss.. Norton contains an extremely powerful firewall in it's product with it's own IPS/IDS signatures that are quite fleshed out. Few consumer products seem to function at this level in terms of Firewall. It's not some simplistic rulesets tacked onto Windows Firewall - a method I don't actually approve of.

 

I suspect the bad Youtube review in the face of all good ones, the guy blocked Norton from connecting to the internet. Either host file block, proxy block or something else, while allowing his browser through. Maybe that's why Norton utterly failed in this test, while it was exceptional in other tests. If Norton is blocked from the internet it essentially becomes 'half a product'. SONAR reaches out to the cloud to validate files, and do a heuristic analysis, and this is is crucial for zero-day malware, and insight into downloads.

 

I've seen a number of his videos, and I don't think he would have done anything like that, at least not on purpose. I wonder if something was going on with Nortons servers at the time. It seemed very slow to respond throughout his test.

The other thing I wonder about with Norton, it is seems malware often runs for a bit prior to the sonar results. Does Norton sandbox the malware while it waits for the cloud? Or does it have some kind of rollback feature. Other wise in those seconds/minutes it take Sonar to act, bad stuff can happen.

 

I did notice the slow response from Norton on this test. In fact, it was ridiculously slow. If Norton cannot obtain insight into a file it will default it to allow/good because it doesn't want to block functionality of the PC. So in effective it would temporarily whitelist everything. He said Norton picked up more after it rebooted, which may indicate it was 'attempting' to authenticate more of the files each time the connection was restablished. Further indicating there may have been a potential issue with his test (or connection during his test).

Norton has basically what we could say is a hybrid Sandbox. When an unclassified file is executed Norton 'watches' for strange/unusual/suspect activity, then on-the-fly classifies the file as bad, and removes/blocks/fixes what it did. This is what the delay you notice is basically happening. It seems a bit like Webroot in this aspect, or 'webroot lite' if you will, as it's only a small aspect of what it does. SONAR itself is a machine learning system based on their enterprise security, like Trend Deep Security.

Future successful AV's will all likely use systems likes this, especially the machine learning/classification. With new outbreaks it's much easier to classify based on reputation, rather than signature, and factoring a variety of metrics. Object->Object Source->Signed/unsigned->Commonality->User Scores, etc. We may also some AV's in the coming months/years start to use region classification. Trend and Fortinet are working on systems to classify risk based on Region Activity, and adjust their products accordingly - automatically. Downloading stuff from China? AV will 'notch it up' a bit, for example. Sounds racist, but it's the way of the future. Region-Classification/Blocking has been commonplace in the Enterprise world for awhile, and it's time consumers benefit from it.

 

Think of it like this;

New Link
Norton HTTP inspection(on click) pass/fail.(if it cannot validate it passes - such as bad/no internet)
File downloaded from link.
File Blocked
Download Insight(on download) Inspection pass/fail. (if it cannot validate it passes - such as bad/no internet)
File Downloaded.
File Blocked.
Norton Antivirus(on save+on execute) Signatures pass/fail.
File executed.
File denied.
SONAR Inspection(on execute) pass/fail. (if it cannot validate it passes - such as bad/no internet)
On Pass -> File Runs
On Fail -> File stopped, rolled back, blacklisted.
File Passes everything to this point.
Norton Firewall(background) BOT/Worm/Port/IPS Monitoring.
Suspicious Activity -program blocked, blacklisted, all aspects pushed on this new data.
No Suspicious Activity - program runs as normal.

Norton is a layered approach, provided you have an internet connection. In a malware test where someone is tossing 200 pieces of malware at it, it MAY not fully validate/deny due to the queue, and hence would rely exclusively on signatures until such a time it can validate. Which again may explain why this got kept finding Norton finding more things after a delay, and restarts. This isn't a practical, realistic test of the product simply because the vast majority (if not all) of people using it will not be exposing it to 20, 50, even 200 viruses in a few minutes. In my opinion at least..

At the very least, he should have let the machine marinade with the threats and norton for an hour or two, and then see what happens. Norton unless tested thoughtfully, may prove to be like Webroot in that it is hard to synthetically test it, but it performs quite well under reasonably 'normal' conditions of the vast majority of people using it. Symantec may have dropped from tests simply because they were aware their new technology wouldn't be properly represented, yet would be exceptionally protective in the real world.

The fundamental lack of understanding in this quoted youtube video is a bit alarming to me. Someone opening a directory with 200 pieces of malware, then randomly 'clicking' on all of them without understanding how the product works is bordering on incompetence..