Lite Critique of NIS 2011..

Discussion in 'other anti-virus software' started by Longboard, Oct 24, 2010.

Thread Status:
Not open for further replies.
  1. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    NIS 2011 has now been around for a while and so time for me to think about extending my subs in one of my system images from NIS 2010 >> 2011.
    See here:
    https://www.wilderssecurity.com/showthread.php?t=285055

    I was interested to see in light of how i had a problem; how so many threads at the NIS forum were from users who were expressing frustration re various aspects of NIS 2011 in particular Sonar, reputation, removal of files, quarantine..and then there it is again the ASk search box...:doubt: .

    For those who don't peruse the FDISR forums, I thought I'd leave this hanging and welcome any comments..
    I've had Norton/Symantec on the MS box for years...no real reason..does well at AVC...?? .. too lazy to change??....am having a big think now.
     
    Last edited: Oct 24, 2010
  2. drakester

    drakester Registered Member

    Joined:
    Feb 17, 2010
    Posts:
    54
    Developer here.

    It's mostly FUD, of course it gets overprotective when it comes to cracks, keygens and such - it deletes them without much option.
    However, I have only found a single instance where I couldn't restore a file from quarantine: there was a keygen in a USB thumb drive.

    I develop applications in Java, C++, C#, etc. I never had any of my applications deleted. It's not just the "newness" of the executable, it depends on many factors. I guess it's good luck from my side.

    A common problem I have seen is that it deletes patched Windows Live Messenger exe (A-patch) - but you can always restore and add an exclusion. It makes sense, it's a MS file that has been patched and connects to the internet - a potential threat. But again this might represent an issue to others.

    If anything goes wrong I've read that you can submit a FP and it gets whitelisted pretty quickly.

    The only flaw I have found is that if you lose your internet connection you're losing a lot of the power and detection. It relies a lot on the cloud info despite having signatures too. Might be an issue for some.

    I've found NIS and Avast the only suites that are robust and light enough to put in a development machine. :thumb:

    Just my 2 cents. :)
     
  3. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    what do you mean by "robust"?neither are particularly difficult to shut down by malware
     
  4. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    IMO biggest problem for Norton is that there is no option what to do with threat that is found.
    I can understand that for grandmas it's fine, that operation is enabled by default , okay.
    But why not make it in options to receive alert about it if someone wants that o_O
    That auto-deletion business is no good :mad:
    And that's the only reason I stopped using it.

    :thumbd:
     
  5. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    It was very good your post.

    Here to be honest I think that at most 5 FP's, and I got all five of these restore successfully.

    As two more people use my computer for a self-exclusion is really great, because not everyone has the right view to delete the virus correctly.

    For me this is not a problem but a solution. :thumb:

    Sorry for my english! :(
     
  6. drakester

    drakester Registered Member

    Joined:
    Feb 17, 2010
    Posts:
    54
    As most security solutions are nowadays, your setup shouldn't rely on a single layer.

    As said in other threads, this is kind of a losing battle unfortunately. The malware writers will always target the popular solutions and also will always search actively for flaws in them - which all software has, some more evident than others.

    Pretty much anyone can come and claim that he/she is able to bypass x software. I can only talk from what I have experienced and so far I had no issues with either of them.

    My browsing/computer usage habits are good enough so I can feel safe with my current setup, I need the system resources to work, not for something else in the background. I have a couple of on-demand scanners and nothing else.

    I already suggested in Norton Ideas more control for the users, hopefully I can make the suggestion once the next major version hits alpha. I agree that this should be amended, however it is no big deal for me right now. I almost never have encountered FPs.
     
  7. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Boo; ;) : Not FUD.
    I use the tool !
    As noted "lite" critique, recounting my ( and others') issue/s with presets and giving it all to Symantec.
    OK, so that's the default: like it or lump it I guess.

    Why have the ASK search as default install ?
    That has aroused much ire here and there.

    As to FPs: 25 page !! thread: not the only one.
    http://community.norton.com/t5/Nort...Norton/SONAR-is-deleting-programs/td-p/160660
    Lots of toing and froing.

    It seems to me Symantec has responded - partially - to users concerns and readjusted some defaults.
    Good. :)

    The default behavior for removing some perceived threats should be revisited.
    I agree, there should be some more operator dependent decisions rather than Symantec quarantining/wiping and needing somewhat annoying restore process..

    Having to exclude objects from Auto scan and Sonar is overly complex.
    Why does it take so many screens for exclusion ?
    Learning/whitelist scan for those who want it ??
    One click" known good file" option ??

    Does the shell extension context menu option: "File Insight" exclude files if labeled by user as good ??
    That is not clear.
    etc etc
    Minor gripes perhaps but still pita if one's system gets fiddled with.
    Surely amongst all that gloss there could be some 'expert user' options.

    @drakester:
    :blink:
    Ya, that should just about cover it ?? :D
    Regards.
     
    Last edited: Oct 25, 2010
  8. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,046
    Location:
    USA
    It's mostly not. I've opened applications (PSPad for example) and it closes the program and deletes the executable. I've removed it more than once for such issues. It seems to be doing better the last couple of months though or I would not be using it now. It needs to ask before deleting my files. My biggest if not only complaint with NIS.
     
  9. drakester

    drakester Registered Member

    Joined:
    Feb 17, 2010
    Posts:
    54
    Nice assumption :rolleyes: , I have 5 computers and those are the products that I've used or use.
    As matter of fact I'm only using 1 and 3 in them, mostly Avast. Norton is only on my laptop.
    I don't list on-demand scanners and such because I'm lazy to write all that.:argh:

    @Jack:
    With mostly FUD I referred to the negativity towards Norton products in general.
    Yesterday the latest nightly of Firefox (Minefield) got deleted for me, kinda annoying... I feel the same way, don't get me wrong. :p That's why I suggested more control, hopefully they'll listen.
     
  10. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,046
    Location:
    USA
    Ok, and agreed. ;)
     
  11. drakester

    drakester Registered Member

    Joined:
    Feb 17, 2010
    Posts:
    54
  12. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,046
    Location:
    USA
  13. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
  14. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,046
    Location:
    USA
    Then that should be an optional setting with the choice of automatic or prompted. The complaint with the automatic is false positives, which nobody should want automatically deleted.
     
  15. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    what if somebody at the labs makes a **** up and one of your system gets deleted as malware:-false +ves have been know to include some pretty important files in the past(not just talking Norton here!)
     
  16. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    Honestly, I had only five false positives since when I use it (Use a 1 year ago), of which 5 could restore both of quarantine.

    However I agree with Jack.
     
  17. Hezakiah

    Hezakiah Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    165
    Location:
    SW Florida
    Anybody know of any superduper, ultra mega cheap deals on Norton products? Even on the older ones? ;)
     
  18. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
  19. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
Thread Status:
Not open for further replies.