Norton Internet Security, Antivirus and 360 Being Retired?

Discussion in 'other anti-virus software' started by Raza0007, Sep 19, 2014.

  1. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,221
    Location:
    The land of no identity :D
    It should at least cover registry changes and/or changes to OS/system files. Rest all I agree with - the aim is to get a functional system after removal of malware. Deletion of personal data/files does not interfere with functionality of the system.
     
  2. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I'm not at home right now, but I think it was Marhana_Sharma or something similar to that.

    10 devices for $89 is one of the best multi-machine deals out, but for $40? It is the best deal out there. I just converted everything over the Norton yesterday, and it's running great. Everything feels snappier then when I had ESET on them. So Norton on the devices, and Trend on the Router, looks good from here.
     
  3. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,084
    Location:
    USA
    Of course recovery of data can't be guaranteed, but this kind of policy opens a real can-o-worms for tech support. Customers can have a range of expectations as to what the security software and the support team should be able to accomplish. For instance can Norton Security prevent the various crypto malware from encrypting user data files or decrypt them after the fact? If not does that get you a refund? It's the guys/gals on the front lines that get to deliver the bad news :'( :cool:
     
  4. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,103
    Location:
    on my zx10-r
    i have had to help a number of people get upgraded that are my normal clients. people are having a tough time getting many reps to upgrade their lic it seems. when i called i had no issues so i can not say the reason for this but so far i have been able to get more than probably a dozen people upgraded to the newest version. i was told no twice though and offered the same 50% off thing many say they are offered.

    on another note is anyone finding it a bit to sensitive. it seems to like to flag a lot of things that are fp's and i am seeing an odd thing where it says something is detected and blocked but then get another box asking if i want to do anything with that same file it said it just blocked? i sent the info to them to see what they say.
     
    Last edited: Oct 3, 2014
  5. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,103
    Location:
    on my zx10-r
    except i paid only 30$ for the more then 20 boxed eset 5+5 packs when newegg had them on sale (i stocked up on those for that price) so i paid no where near 149.00. i agree though 40$ is pretty good but ill bet soon enough everyone will be able to get this kind of price or even cheaper from major places like staples and newegg etc..
     
    Last edited: Oct 3, 2014
  6. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    $34.95 for the Eset's, I purchased a couple for my home a well. Anywhere else, deployment mandates enterprise solutions for the managed installs/updates/threat remediation. Nevertheless. But Norton is still the best deal around for that many devices without a code, but with it - the best deal factoring the 25gb of cloud storage.

    No issues with it being finicky, and I have run scans on some machines with 3-4 TB's of data.
    I actually like how the quarantine system works, and the expanded data, with option to submit without filling anything out.
     
  7. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,904
    Location:
    Among the gum trees
    Anyone else having slow shutdowns with NS or NSwB v22?
     
  8. Rohugh

    Rohugh Registered Member

    Joined:
    Apr 6, 2014
    Posts:
    56
    Nope. My Win 7 machine with NSwB shuts down normally, program up to date as of earlier today.
     
  9. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    5,600
    Location:
    DC Metro Area
    There are a number of posts on the Norton NS Forum complaining about this issue of slow shut downs-It is apparently a widely experienced problem.
     
    Last edited: Oct 5, 2014
  10. controler

    controler Guest

    Try running Adwarecleaner with this running once for me. On my machine it said the downloaded exe was ok but when I tried to run that exe it killed it.
     
  11. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    None at all, in fact it is exceptionally light and speedy. But I run only Windows 8.1 or Windows 10 here. Perhaps NS is optimized for Windows 8X systems? That'd be great.
     
  12. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,904
    Location:
    Among the gum trees
    Yep, I'm well aware of those posts. ;)
     
  13. Dark_Hanzo

    Dark_Hanzo Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    204
    Location:
    CA
  14. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Morning! Attention K-Mart Shoppers...Aisle 4...Now the Pricing Hits The Street...Reality's Here! I'll check Staples Website when it's Up and Running. Thank's For the Heads Up Dark Hanzo...nice to see for once Canada's Taken the Retail Initiative. Sincerely...Securon
     
  15. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,273
    Location:
    Hollow Earth - Telos
    I just saw a new Utube Video of the new norton and it tested out real bad....
    Norton Security 2015 review
     
  16. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,084
    Location:
    USA
    Can you provide some more information so we can know which video you're talking about?
     
  17. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,273
    Location:
    Hollow Earth - Telos
    Uploaded by The PC Security Channel on Utube
     
  18. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,772

    I saw that, but have seen others where it has been great. Something seemed off it that test.
     
  19. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Strange test - something seems wrong with it, that one guy had bad results, but the other testers on Youtube had excellent results. One tester reported Norton blocked 92% malware at the gate via URL scanning, and 99.9% he tried to execute. Another tester on Youtube reported it blocked everything but one VB virus, but Norton prevented the VB from damaging the system. Speaking from an Enterprise side - and 2015 has most of the enterprise features, it's very rare for me to find an infection on a Symantec Installed machine setup using best practices. Aggressive Sonar, Aggressive Heuristics, and Download Insight set to 9 rather than 8. Without these settings I routinely found infected systems vs with these settings I haven't found one yet.

    If you run 2015 now at home (and I do), I would strongly recommend increasing Sonar to Aggressive, Low Risk to Remove, Heuristic Protect to Aggressive, and Block Malicious Activity to Aggressive. All of these are either off, or set very low by default, and I consider them crucial to creating an effective, well protected system. I'd like to see a test with these set in this way.
     
  20. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,772
    What do these changes do to resource usage and false positives? I'd assume Norton choose the defaults for a reason.
     
  21. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    The changes seem to not increase weight of the program at all.

    False positives may increase, but very slightly, and on the average system they should still be rare. I have this setup on 10 machines here at home, and roughly 3,500+ machines in the MSP (the ones that run Symantec), and it hasn't been an issue yet. It seems to just increase Norton's posture, and awareness, but not make it overly paranoid.

    Block Malicious Activity basically kicks Norton's already potent Firewall up into a mode where it carefully monitors BOT/WORM activity, and pays closer attention to traditional ports BOT/Worms tend to use. It also activates enhanced IPS/IDS signatures. So that itself is quite valuable.

    One thing people are neglecting to discuss.. Norton contains an extremely powerful firewall in it's product with it's own IPS/IDS signatures that are quite fleshed out. Few consumer products seem to function at this level in terms of Firewall. It's not some simplistic rulesets tacked onto Windows Firewall - a method I don't actually approve of.
     
  22. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I suspect the bad Youtube review in the face of all good ones, the guy blocked Norton from connecting to the internet. Either host file block, proxy block or something else, while allowing his browser through. Maybe that's why Norton utterly failed in this test, while it was exceptional in other tests. If Norton is blocked from the internet it essentially becomes 'half a product'. SONAR reaches out to the cloud to validate files, and do a heuristic analysis, and this is is crucial for zero-day malware, and insight into downloads.
     
  23. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,772
    I've seen a number of his videos, and I don't think he would have done anything like that, at least not on purpose. I wonder if something was going on with Nortons servers at the time. It seemed very slow to respond throughout his test.

    The other thing I wonder about with Norton, it is seems malware often runs for a bit prior to the sonar results. Does Norton sandbox the malware while it waits for the cloud? Or does it have some kind of rollback feature. Other wise in those seconds/minutes it take Sonar to act, bad stuff can happen.
     
  24. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I did notice the slow response from Norton on this test. In fact, it was ridiculously slow. If Norton cannot obtain insight into a file it will default it to allow/good because it doesn't want to block functionality of the PC. So in effective it would temporarily whitelist everything. He said Norton picked up more after it rebooted, which may indicate it was 'attempting' to authenticate more of the files each time the connection was restablished. Further indicating there may have been a potential issue with his test (or connection during his test).

    Norton has basically what we could say is a hybrid Sandbox. When an unclassified file is executed Norton 'watches' for strange/unusual/suspect activity, then on-the-fly classifies the file as bad, and removes/blocks/fixes what it did. This is what the delay you notice is basically happening. It seems a bit like Webroot in this aspect, or 'webroot lite' if you will, as it's only a small aspect of what it does. SONAR itself is a machine learning system based on their enterprise security, like Trend Deep Security.

    Future successful AV's will all likely use systems likes this, especially the machine learning/classification. With new outbreaks it's much easier to classify based on reputation, rather than signature, and factoring a variety of metrics. Object->Object Source->Signed/unsigned->Commonality->User Scores, etc. We may also some AV's in the coming months/years start to use region classification. Trend and Fortinet are working on systems to classify risk based on Region Activity, and adjust their products accordingly - automatically. Downloading stuff from China? AV will 'notch it up' a bit, for example. Sounds racist, but it's the way of the future. Region-Classification/Blocking has been commonplace in the Enterprise world for awhile, and it's time consumers benefit from it.
     
    Last edited: Oct 5, 2014
  25. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Think of it like this;

    New Link
    Norton HTTP inspection(on click) pass/fail.(if it cannot validate it passes - such as bad/no internet)
    File downloaded from link.
    File Blocked
    Download Insight(on download) Inspection pass/fail. (if it cannot validate it passes - such as bad/no internet)
    File Downloaded.
    File Blocked.
    Norton Antivirus(on save+on execute) Signatures pass/fail.
    File executed.
    File denied.
    SONAR Inspection(on execute) pass/fail. (if it cannot validate it passes - such as bad/no internet)
    On Pass -> File Runs
    On Fail -> File stopped, rolled back, blacklisted.
    File Passes everything to this point.
    Norton Firewall(background) BOT/Worm/Port/IPS Monitoring.
    Suspicious Activity -program blocked, blacklisted, all aspects pushed on this new data.
    No Suspicious Activity - program runs as normal.

    Norton is a layered approach, provided you have an internet connection. In a malware test where someone is tossing 200 pieces of malware at it, it MAY not fully validate/deny due to the queue, and hence would rely exclusively on signatures until such a time it can validate. Which again may explain why this got kept finding Norton finding more things after a delay, and restarts. This isn't a practical, realistic test of the product simply because the vast majority (if not all) of people using it will not be exposing it to 20, 50, even 200 viruses in a few minutes. In my opinion at least..

    At the very least, he should have let the machine marinade with the threats and norton for an hour or two, and then see what happens. Norton unless tested thoughtfully, may prove to be like Webroot in that it is hard to synthetically test it, but it performs quite well under reasonably 'normal' conditions of the vast majority of people using it. Symantec may have dropped from tests simply because they were aware their new technology wouldn't be properly represented, yet would be exceptionally protective in the real world.

    The fundamental lack of understanding in this quoted youtube video is a bit alarming to me. Someone opening a directory with 200 pieces of malware, then randomly 'clicking' on all of them without understanding how the product works is bordering on incompetence..
     
    Last edited: Oct 5, 2014
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.