United States
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Norton 360

Reply
Topic Options
jigneshdesai
Contributor
jigneshdesai
Posts: 28
Registered: ‎08-31-2011

N360 program Control Monitoring looks suspecious

Options

‎06-04-2012 03:52 AM

Hi all,

 

I get a strange feeling that N360's Program control Monitor is not quite strict as it should be.   it automatically has a very long list of programs that can access internet ?  I wonder why it would allow such a long list.  Even if i remove all, it automatically gets populated again, when i choose "OK" in any one of the alert that is trying to access internet, eg. IE.

 

I get more strange feeling when i see entries like the one in screen shot.  what wordicon.exe has anything to do with intetnet and how come it was selected in the list?  more over its a file from "c:\windows\installer" folder.   I believe that is a temp. folder used by windows, but that also raises another question, if that is true then why has "file cleanup" procedure has never cleared this folder.

 

So there goes a couple of question here ...

1. How is program component selecting which files has access to internet, even if i have never manually added or granted any permission for that file during alert popups. 

2. Does it mean that N360 is compromised?  or it means it does not have inbuilt ability to predict suspecious file in the list, based on folder path or based on his "reputation" knowledge?

3."c:\windows\installer" folder a temp folder, can i blindly delete entire folder?

 

Please Advice.

 

Regards

 

 

N360-Issue1.jpg

 

 

 

 

Report Inappropriate Content
Message 1 of 2 (92 Views)
0 Kudos
SendOfJive
Posts: 9,887
Kudos: 4,187
Solutions: 706
Registered: ‎02-07-2009

Re: N360 program Control Monitoring looks suspecious

[ Edited ]
Options

‎06-04-2012 10:14 AM - edited ‎06-04-2012 10:17 AM

jigneshdesai wrote:

So there goes a couple of question here ...

1. How is program component selecting which files has access to internet, even if i have never manually added or granted any permission for that file during alert popups. 

2. Does it mean that N360 is compromised?  or it means it does not have inbuilt ability to predict suspecious file in the list, based on folder path or based on his "reputation" knowledge?

3."c:\windows\installer" folder a temp folder, can i blindly delete entire folder?

1.  When a program requests network access the Norton Smart Firewall first verifies that the program is legitimate.  It then monitors the traffic for any suspicious activity.  If a program is safe and the activity is normal and expected, then rules are created to allow the program internet access and it is added to the Program Control list.

 

2.  Norton is not compromised.  It actually has more information about both legitimate and malicious programs than most users possess.  And, as it filters the traffic the firewall can instantly recognize and block any abnormal or malicious connections.  In short, the Smart Firewall has much more data at its disposal than most users have, and will almost always be able to do a better job of controlling program access to the network than can the user.

 

3.  No, you should not blindly delete anything.  Never delete anything unless you are sure of what it is, what it does and what the consequences will be.  In this case:  http://support.microsoft.com/kb/2667628

Report Inappropriate Content
Message 2 of 2 (78 Views)
0 Kudos

Products

Services

Support

Norton on Facebook
Norton on Twitter
Norton's YouTube Channel
Symantec on Linked In
Norton on Google+