Norton Internet Security 2009

Discussion in 'other anti-virus software' started by swisscoms, Sep 11, 2008.

Thread Status:
Not open for further replies.
  1. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    Swisscoms, Blue provided a link in post #44, which is worth a read and gives a little more detail about the purpose and function of Insight.
     
  2. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,127
    Location:
    Las Vegas
    Just click on the link Blue provided in post #44 and it has the Symantec explication of what Norton Insight does.
     
  3. chris1341

    chris1341 Guest

    Thanks. I'll do the same and keep an eye on the sandboxIE forum.

    As for the comments on scan time and insight I cannot offer anything to the technical side of the debate but can confirm I ran 3 scans all took in excess of 90 minutes. When I reset to default settings the scan took less than 10 minutes.

    In my limited experience that must mean it is in someway trusting more than just the running processes.

    Cheers
     
  4. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,127
    Location:
    Las Vegas
    That is impossible-something is wrong with the program and/or the installation or you are running a Quick Scan thinking it is a complete scan. If that were true, Norton would promote 10 minute (or whatever) scan times and they don't.
     
  5. swisscoms

    swisscoms Registered Member

    Joined:
    Feb 10, 2002
    Posts:
    96
    Location:
    Sion, VS. Switzerland
    Thanks folks! I missed that one. Great information about this technology. :cool:
     
  6. chris1341

    chris1341 Guest

    Thanks. Perfectly willing to accept there something wrong with the install or the programe but it WAS a full scan. I ran another with the same results.

    I'll reinstall later and check again. I would not want to think it's running super fast when it's just not running properly.

    Rubenking at pcmag claimed a 5 minute scan second time round with insight credited for it. http://www.pcmag.com/article2/0,2817,2330027,00.asp but maybe I'm reading that wrong.

    As stated I ain't no expert just post what I've experienced.

    Thanks for the heads up.
     
  7. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,127
    Location:
    Las Vegas
    I wish it were true- but not true on my computer. I may be wrong, but I just don't see anyone else confirming same. I have 1.1 million files and it took about 2.3 hours to scan them on a complete setting. I have done it at least a dozen times in beta and now with the final release. If I see evidence to the contrary, I'll let you know.

    I did read the PC magazine review and I saw what he said about the fast scan, I just don't see that being mentioned at the Symantec forum.
     
  8. chris1341

    chris1341 Guest

    Thanks Buck,

    Just an update. Reinstalled. Scan results as follows:

    Scan Time: 3798 seconds
    Scan Options:
    Scan Targets: C:\, R:\, Z:\
    Counts:
    Total items scanned: 649,783
    - Files & Directories: 647,312
    - Registry Entries: 302
    - Processes & Start-up Items: 2,047
    - Network & Browser Items: 117
    - Other: 4
    - Trusted Files: 770
    - Skipped Files: 0

    Rescanned again immediately (as I had done when I got the 10 minute scan)and got this

    Scan Time: 268 seconds
    Scan Options:
    Scan Targets: C:\, R:\, Z:\
    Counts:
    Total items scanned: 67,756
    - Files & Directories: 65,208
    - Registry Entries: 302
    - Processes & Start-up Items: 2,124
    - Network & Browser Items: 117
    - Other: 4
    - Trusted Files: 941
    - Skipped Files: 56,775

    Making Rubenking's 5 minutes look long!

    I shut down and restarted and the scan I started is still running, looks like it will take around the hour again.

    Makes me think on my system at least if you run the full scan more than once in the same session the second scan looks at a vastly reduced number of files thereby reducing scan times.

    No doubt you guys will know if thats a bug or the way its supposed to work. If it's a bug I'd be interested if anyone else has the time or inclination to see if it effects them as well. But then would you run 2 full scans in the same session?

    For me I either put up with longer scans or go back to Avira. Not made my mind up yet.

    Thanks
     
  9. rhuds13

    rhuds13 Registered Member

    Joined:
    Jul 11, 2007
    Posts:
    98
  10. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
  11. Halo326

    Halo326 Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    106
    I don't know about you guys but I am very impressed with NIS 2009. Extremely light. I was along time user of Comodo and believe you me I dont miss the pop ups or the "install Mode". I also was running Avira Premium. I tried KIS 2009 but it slowed my pc and web browsing way down. With NIS I don't even know its running. NIS is the only real time protection I have except for my NAT. Any one else using NIS with something along side it? I tried TF but didnt think it was necessary.
     
  12. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
  13. Halo326

    Halo326 Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    106
    Norton has always been on top or close to the top in detection but its slowness it caused to many systems stop alot of people from using it. Norton got the name "Slowton" cause of this reason. But now with NIS 2009 that is gone.
     
  14. rhuds13

    rhuds13 Registered Member

    Joined:
    Jul 11, 2007
    Posts:
    98
    Still using SAS Pro but took out TF. Still running very good here.
     
  15. shanep

    shanep AV Expert

    Joined:
    Sep 10, 2008
    Posts:
    54
    Chris. What file systems do you have on C: R: and Z: ? Is it FAT or NTFS. ?
     
  16. chris1341

    chris1341 Guest

    Sorry for the delay. NTFS. On this machine still running XP SP2 if that is relevant.
     
  17. Halo326

    Halo326 Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    106
    Just a quick note to all of you which I am sure most of you are aware of. if you try the GRC Leak test it will fail. Why because Automatic Program Control is on by default. In this mode it will automatically configure any program regardless if its bad or not. Turn off Automatic Program Control and then turn on Advanced Events Monitoring. This will also turn on all other features. One bad thing is that it will generate alerts for programs already learned. It will ask if you want IE or FF to connect. All other programs also will generate alerts but once done no more alerts.
     
  18. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,084
    Location:
    USA
    I haven't tested this yet on my system, but this screenshot is from the article linked earlier in this thread...

    http://usera.imagecave.com/Victek/NortonInsight.jpg.jpg

    It seems to be saying that Norton Insight will reduce scanning times for both Quick Scans and Full Scans. I will play with this and post again.
     
  19. Wake2

    Wake2 Registered Member

    Joined:
    Apr 30, 2005
    Posts:
    205
    I downloaded the trial have to say was really impressed with the install, went fast, with no reboot.

    Full scan time was pretty fast to, and am gonna continue to test it on the scan times see if it improves.

    So far I like this new version, running it with Defensewall no problems.

    Wake
     
  20. swisscoms

    swisscoms Registered Member

    Joined:
    Feb 10, 2002
    Posts:
    96
    Location:
    Sion, VS. Switzerland
    I have been playing with the Firewall settings also. I found that switching off the Automatic Program Control and also leaving the Advanced Events Monitoring off, the Firewall Alert pop up has many more options as seen in this photo on GRC.

    GRC.jpg

    With Advanced Events Monitoring switched on, it passes the PC Flank Leak Test also.
     
  21. Halo326

    Halo326 Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    106
    So I wonder whats better. Advanced Monitoring On or Off. I currently have mine on.
     
  22. Cloudcroft

    Cloudcroft Registered Member

    Joined:
    Feb 29, 2004
    Posts:
    471
    Location:
    The Hill Country of Texas
    Swisscoms, I have Automatic Program Control turned off, and when I run GRC Leaktest, I get the alert, and manually deny access. I tried turning off Advanced Events Monitoring also as you suggested, but when I ran Leaktest, I got no alert and failed Leaktest. I haven't been able to figure out why I didn't get an alert as you did.

    Edit: Nevermind Swisscom, I figured out what was going on, and now see the alert with additional options as you illustrated.
     
  23. Halo326

    Halo326 Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    106
    Ok well I just figured out that Advanced Monitoring should be on cause without bring on (off) all the other options are grayed out.
     
  24. Cloudcroft

    Cloudcroft Registered Member

    Joined:
    Feb 29, 2004
    Posts:
    471
    Location:
    The Hill Country of Texas
    Good question...what's the advantage to having it turned on...you get an alert with additional options with it turned off?
     
  25. Halo326

    Halo326 Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    106
    If you turn it off then you dont have code injection or key logger protection cause its grayed out. I tried it with it on and I got a key logger waring using OpenOffice.Org. But when its off and after I deleted the OpenOffice entry I got no alert. Best to leave Advanced Monitoring on. A block is a block correct. Doesn't matter if its the session of permanently. Click on the "?".

    Advanced Events Monitoring


    When you are connected to the Internet, there are various ways by which intruders can gain unauthorized access to your computer. Intruders can gain access to your computer in the following ways without causing firewall alerts to appear:

    Launching and manipulating safe programs without your knowledge

    Attaching to a safe program without getting detected

    Launching trusted applications in hidden mode through command-line parameters

    Injecting code into other applications' processes

    Modifying the URL of an Internet browser through Windows messages

    Bypassing firewall inspections by penetrating the Windows TCP/IP layer to send and receive data

    Using documented interfaces provided by Windows Active Desktop to transmit data outside the network

    Using keylogger programs to monitor the keystrokes of a computer user, thereby gaining access to a user's personal information

    You can turn on Advanced Events Monitoring only if you turn off the Automatic Protection Control feature.

    When you turn on Advanced Events Monitoring feature, you are prompted with numerous firewall alerts. If you do not want to receive firewall alerts, you can turn on Silent Mode. When you turn on Silent Mode, Norton Internet Security automatically turns on Automatic Program Control and disables the Advanced Events Monitoring features. You cannot configure Advanced Events Monitoring when you turn on Silent Mode.

    Handling Advanced Events Monitoring is strongly discouraged because you might make incorrect decisions that can allow malicious programs or block critical Internet programs and functions.


    When you turn off Automatic Program Control, you can configure the various features in Advanced Events Monitoring. You can use the Advanced Events Monitoring features to allow or deny any of the events that may harm your computer. When the event occurs for the first time, a firewall alert appears and you can allow or block the event. When you allow the event, the event details are logged under any of the categories available in Advanced Events Monitoring. You can remove the event details from the list. In this case, the event details reappear in the list when the event is run again. However, an alert does not appear when the event is run for the second time. A rule is created the first time a program runs. The same rule is applied to the program when it runs again. So an alert does not occur when a recognized program runs.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.