Last night I downloaded a file from www.nrm.org.uk/scotsmangift. After the file completed downloading Insight scanned the file and then deleted it saying that it was a risk. I reached that site from www.railsimulator.com, a reputable site about railroad simulators. As a Christmas gift, they released a free 600 mb simulator called 'Flying Scotsman'. I was quite upset as I am quite sure this was a false positive and I had just wasted 600mb of bandwidth, and time. Insight says "There are many indications that this file is untrustworthy and therefore unsafe."
My questions are these:
1) What are the 'many indications' the file is untrustworthy.
2) Realizing Insight had received fewer than 5 downloads of this file, at what point does the number of times a file being downloaded increase it's reputation? If a file is reputable, how do the first users to download it get past Insight?
3) I don't want to disable Insight as I think it is a viable and worthwhile function but I'd like to learn more about how to specifically handle a file such as the one I've mentioned.
4) Specifically, I want the option for *me* to make the final determination that a file is safe or not. Is there a way to make Insight do this? I've searched through the Settings and haven't found anything along those lines.
5) I can submit this file as a false positive, and have done that once before with great results from the support folks, but it took several days to get the issue resolved.
6) I want to download this file now. I realize I can disable Insight and then download the file again. This doesn't go to the larger issue of how do I determine a download's reliability *before* I download the file? Not that I should have to do that, but it seems to me that option should be available.
A suggestion - is it not possible for Insight to report on the status of a file *prior* to starting the download simply by checking the file link/name at the start of the download? That would save any loss of time/bandwidth.
I appreciate any comments and other thoughts.
John
John,
As an ex LMSer (Berkhamsted, Herts) I'd prefer the Royal Scot .... <g>
I'm downloading that file as I type and no warnings yet but it 's a slow link so I'll come back after it's downloaded and report what has happened.
Meanwhile can you check Support / About and say what the version ID of your NIS 2011 is -- it's there in the format nn.nn.nn.nnn
Download completed with no alarms from NIS 2011 and a NIS popup saying the exe was safe.
I selected the exe file and ran the Norton Insight ooption on it and if came up clean
I installed it (I didn't install the PhysX driver since I didn't know what it might do to my on mobo graphics chip) and apart from an error message about not initializing the PhysX it seemed to start up OK to the Xmas card.
So I would suggest two possibilities -- the source was infected and they replaced the file (there is a help link NOT to the Museum it says) or that Insight updated its "definitions" and no longer flags. it.
Perhaps uninstall it, empty all Temp files and try again?
BTW You can check a site URL by clicking on the bottom right icon on the NIS 2011 GUI (Safe Web if you can read small) and pasting the URL into the top box. I just tried that and it just says that the site has not been checked yet.
And the NRM URL you give first is cleared by Insight:
| •Computer Threats: | 0 | |
| •Identity Threats: | 0 | |
| •Annoyance factors: | 0 | |
| Total threats on this site: | 0 | |
| •Community Reviews: | 0 |
I've just successfully downloaded the file. I followed the same download procedure as the first time. This second time, no flags. I also manually scanned, with no problems. Scanning the first file again showed no threat. Number of users is now in the 100 range vs. less than 5 when I first downloaded it. I'm thinking it might have something to do with the number of downloads. It makes me wonder about how Insight really determines if a file is a danger or not. At some point, all downloads start with 0 downloads. How does Insight determine if that file is safe or not? BTW - scanning the first file with MalWare-Bytes was clean, for whatever that is worth. An interesting problem and I've learned from this, but with some questions still remaining. Thanks to all for the help! It's time to head on down the line 
- �1995 - 2013 Symantec Corporation Legal Notice License Agreement Privacy Policy Cookies Site Map RSS
