• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos5 Stats

Great job !!! <just to let you know>

Hello folks!

Tim's announcement re Pathc1 of Norton 2010 products says "Updated Norton Insight to enhance its effectiveness"

I think I found what is it - just a few minutes ago I came across something I haven't seen before and this new (to me) thinks now makes Norton the perfect , the very best security solutions.

I downloaded a file (fake AV) which was detected heuristically a few hours ago . Now the same server contains a new variant . Download Insight gives a yellow (Unproven status) to this exe file

Previously , it was a problem which was noted even by Matt at remove-malware.com . Problem that when the file is unproven , Norton does nothing but just a warning . Now it does produce a warning + it stopped me from running the unproven file and asked for my permission . That is excellent , guys!!!

However , I ran the file and SONAR2 poped-up immedialely :)

Excellent job , Symantec team !!!

- 3G USER - Symantec fan -

Replies

Kudos0

Re: Great job !!!

Hi 3GUSER:

Yes, Symantec is making real strides with NIS 2010.

The best keeps on getting better.

Stay tuned!

      Plankton - MCSE, CSQE     - NIS 2009 • NIS 2010 -Windows XP • Vista • 7 • IE 8
Kudos3 Stats

Re: Great job !!!

Thanks, glad you like it! It's tricky to explain the value of an "unknown" result. Glad to see being used.

Download Insight gets first crack at the file before it even starts to run. Once the user allows the file to run SONAR2 kicks in and watches the execution behavior. That's why it catches it after it starts to execute.

Principal Software EngineerNorton Research Labs
Kudos0

Re: Great job !!!

Hi Garret:


You wrote:

"Download Insight gets first crack at the file before it even starts to run. Once the user allows the file to run SONAR2 kicks in and watches the execution behavior. That's why it catches it after it starts to execute."


At what point in the above process does the file get registered as part of the Norton Community?

      Plankton - MCSE, CSQE     - NIS 2009 • NIS 2010 -Windows XP • Vista • 7 • IE 8
Kudos0

Re: Great job !!!

Yeah....

SONAR2 has improved 10folds compared to SONAR1 (NIS2009).

That is why is it important to upgrade to NIS2010.  Also Insight has to be set to manual, otherwise, legit softwares MAY prevent installation, as I have experience last time.

Great Product......

Kudos0

Re: Great job !!!

This also worked for me in the opposite way. Yesterday I reinstalled a sim for my son and after running it I installed a patch for this and got an alert saying suspicious download or whatever it was. When I saw the small red alert box in the bottom corner I was taken to the screen shown in this thread and because I know this file to be safe clicked on the 'Run this programme anyway' button and all loaded up as it should.

Other security programmes might have just deleted or blocked it making it difficult to rectify the matter.

This is why I changed to back to Norton, very comprehensive and easy on the user. Yet anopther thumbs up for Symantec.

This thread is closed from further comment. Please visit the forum to start a new thread.