The Symantec/Norton Thread.

I don't think they name them PUPs, they call them low risk

 

I didn't want to imply what you said was wrong because I've checked it as well. I just said that from my recollection it used to be different.

 

FTV ya I figured that one but I am still not sure what the setting really do as to the different file types. This product sure has alot of options!!!!
Guess home users just have to hope the default settings are good enough

 

As I said earlier, Symantec / Norton calls them PUAs

 

• Reputation: Symantec’s unique Insight™ correlates tens of billions of linkages between users, files, and websites to detect rapidly mutating threats. By analyzing key file attributes, Insight™ can accurately identify whether a file is good and assign a reputation score to each file, effectively protecting against targeted attacks while reducing scan overhead by up to 70%.

• Behavior: SONAR™ leverages artificial intelligence to provide zero-day protection. It effectively stops new and unknown threats by monitoring nearly 1,400 file behaviors while they execute in real-time to determine file risk.

Symantec technologies are more comprehensive, intelligent, and experienced. Many competitors claim to incorporate similar intelligent security features into their solutions, but they cannot ensure accuracy, missing out on millions of threats generated every day. Here are some features from their solutions that explain why:

• “In-the-cloud” virus definition lookup: Competitive solutions rely on traditional sample collection and signatures that are maintained on a server instead of on the computer.
• They rely on security vendors to collect virus samples and are unable to defend against new threats that have not been analysed in their labs
• They only identify malicious applications, instead of both good and bad files
• They do not offer true zero-day protection and do not block unknown files
• Limited “collective intelligence”: They have no global view, with regional or smaller network of users, as compared to the Symantec™ Global Intelligence Network (GIN), which provides global intelligence with a local perspective. Competitive solutions do not offer the breadth and depth that the Symantec Global Intelligence Network provides.
• They do not track sets of files and associations as comprehensively as Symantec
• Their smaller network limits their ability to detect the prevalence and age of files as compared to GIN
• They lack the sophistication of GIN to offer true zero-day protection and block unknown files
• Technology that lacks experience: Competitive solutions only recently made use of their users’ database to collect information.
• They lack the experience and expertise of Insight, which has been developed and enhanced since 2007

========

I dunno. Most AVs have lots of buzzwords. Norton/Symantec is good. But it's amazing how little one learns by reading the company propaganda.

I guess ultimately, that again is why we go to AV-C and others to tell us how the products are really performing.

 

Are you after a job, Frank?

 

Yeah, I'm trying to take your job Krusty. I finally want to make the big bucks... Nothing personal though..

 

The past few days I've been running a couple of other products on my computer but I find myself always coming back to Norton. It is definitely one of the lightest product at the moment (at least of those that actually do something ) and I have good faith in the combined power of its modules. There are only two things that really need to change in my opinion.

1. Malicious website blocking: it should either be independent of browser addons or, if addons stay, it should be separated from the identity safe / toolbar crap. At least I would like to be able to disable the nag screens right at the start, should I choose to disable the addons.
   
   
2. Installation: the product has received a couple of patches since its launch, yet the official installer is still in its initial state. This means you have to undergo a rather lengthy update process after the installation. From my latest experience the product update check has to be performed now at least four times, in order to have the most current version. This includes either restarting the product or rebooting the computer three or four times as well.
   
   If you take into account the average home user, who relies on automatic updates, this means it could take days until the product is up-to-date, which will probably lead to a lot of support requests due to incompatible browser addons. Aside from that installation time is one of the benchmark categories where Norton scores well in PassMark tests. If you account for the actual installation time, they would probably rank worst of all.

 

What version of Windows are you running that you have to reboot with each update? I do not have to reboot for the update(s).
Also, Some of the patches are for Firefox. The average home user probably doesn't have Firefox and would probably not be required to apply some of those patches.
Not wanted to be argumentative, but your experience does not sound typical.

 

I never said that I had to reboot for the updates. Please read more carefully. I explicitly said either restart the product or reboot the computer; though the former isn't actually faster on my computer. Even with fast boot disabled a reboot is quicker than restarting the product in my case.

 

You said "This includes either restarting the product" OR "rebooting the computer three or four times as well". I am not at fault for interpreting that as claiming multiple reboots. In any case thanks for clarifying.

 

Norton is easy to come back to, largely in agreement with you as to why.. It's super-light, and actually 'works' as it's billed to work, and the combined modules offer some great protection. I agree on the other points, annoying to have their web protection tied to a toolbar, that needs to go away. Also having their download insight tied to browsers is ridiculous, it should monitor HTTP/S, not specific browsers. These two things fixed would make Norton 2015 a perfect product. In terms of install, another "I Agree", Trend does this as well, often falling 2-3 versions back on the installer, requiring a 'process' after installation to ensure everything is fully up to date. Meaning the 'average joe' that installs it may not be fully up to date for 1-3 days!

I feel very confident running Norton 2015, only 3-4 products I feel confident with these days - real products - not marketing hyped junk.

It's funny.. My kids actually 'request' Norton 2015, that Norton commercial with kids opening the present and finding Norton isn't all that far fetched. My son loves it because it 'mythically' detects all of the junk he clicks, and he seems to like clicking junk..

 

Lol good points. I recently came back to Norton after not using them since about 2003 or so. It has improved quite a bit. I do not like their toolbar crap either nor do I have it installed. I run it standalone and its doing the job for me.

 

Toolbar I don't need because of my UTM's.. If one had an ASUS router, they could forgo the toolbar as well.

That's the good thing of a UTM, you don't really need URL scanning.

 

UTM?

 

https://en.wikipedia.org/wiki/Unified_threat_management

 

Roger that. Did not recognize by the acronym.

 

Maybe you downloaded the installer from official link, right? Next time try to download from your Norton account. I found NA version is basically newer than official DL site. But I agree to all your points. Protection should be browser independent, and they originally promised it in 2015 beta. They should keep latest version for DL too.

 

I downloaded it from my Norton Account a couple of days ago and still had to run the updater 3 times before it was finished. It doesn't appear they are keeping any of the downloads updated. At least their update servers are fast.

 

22.2.0.31 has been released and as with most updates, it will probably be released in a phased manor. If you run Live Update and don't receive this patch then you will in the next week or two.

https://community.norton.com/en/blo...y-norton-security-backup-222-update-available

 

It's not necessarily latest, but in my case was bit newer than official DL. But version in my region is always behind U.S, not sure if there's regional difference.

 

Got the update yesterday. Thanks Krusty.

 

Congrat's to Norton for winning** the MRG Exploit Test.

https://www.mrg-effitas.com/wp-cont...ffitas_Real_world_exploit_prevention_test.pdf

Explanation in link below as to why I believe Norton was #1 (rather than #2) in the test.

There are now multiple tests that confirm that Norton is a key player in the anti-exploit game.

**
https://www.wilderssecurity.com/thre...sored-by-surfright.374988/page-3#post-2479272


That is all.

-Frank

 

Norton fully enabled may have actually won this test too.

https://static.malwarebytes.org/assets/datasheets/2015-03-31/RCEMitigations.pdf

We will shut down the on access file detection if the product detects the poc by signature so that the exploit can be launched to test the exploit detection capabilities. As exploits and payloads can be easily modified to bypass signature detection1 this is a valid methodology to test for exploit blocking capabilities.​

So had the Norton signature component counted, would additional exploits have been detected? And Norton's global collection of signatures is significant.

I do understand the intent of that testing methodology. But the real-world result of the products tested with some products partially shut off -- is not.... real world.

So.... Norton placed 2nd in the official results in two anti-exploit tests. In both cases, the only product that allegedly beat Norton was the one that paid for the testing.


-Frank

 

I'm using a 90 day trial of Norton Internet Security. I'm really impressed by how light it is. For example, there is very little system load when I open a download folder with hundreds of installers in it Explorer. I'm using an older laptop with a Core 2 Duo processor, and many antiviruses use lots of CPU time when I open one of my download folders, slowing down my computer and also making Windows Explorer run slowly. With Norton, the folder open instantly.

When doing scans, the CPU use is quite high, making my computer run slowly. But, this should be less of an issue once I've done a fill system scan, due to Norton not scanning previously scanned file. Anyway, when I'm not running a scan, the real time protection is not slowing down my computer. I don't do manual scans much anyway, and I can always let a scan run while I'm not using my computer.

I have the scanning of compressed file disabled, as it's a hassle when you want to restore a file which has been quarantined from an archive. I can live with Norton auto quarantining some files, as it's not a big deal to add files you want to keep to the ignore list when restoring them from quarantine.

Unless I encounter any performance issues while testing Norton, I may purchase a license after the 90 day trial. I haven't purchased antivirus software for a few years, but Norton really impresses me. I find that most antivirus software slows down my computer. While my computer is not fast by current standards, it runs quite fast with no antivirus installed, but can be frustratingly slow with antivirus software installed. I wish more AV vendors would work on improving the performance of their products, like Norton have.