• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos1 Stats

NIS 2011: Community Watch Failure

I have NIS 18.1.0.37 for 13 days.

Final NIS 18.1.0.37 was able to download from the beginning of September (and via NUC from the end of the August). many users download and use it. But what will happens if they are not able to help Symantec to increase their Blacklist of malware? Less effectiveness for all of course! In NIS 2011 I saw more effective heuristic level (via Suspicious.Cloud and WS.Reputation.1 detections), but this unknown to Symantec viruses can't be upload (Submitted) to be added after additional analysis to traditional Virus Definitions.

And what we see by av-comparatives.org reviews? 98.7% effectivenes on dead (body) scan of malware.

Symantec is always in 98-99% range for 3-4 years of testing. Always little more than middle position, on 3-7 places that for so big company is not very good - can be better.

And testing version was only 18.1.0.30, which is Beta (18.1.0.37 is final)...

Look at G-Data 99.9% with few false alarms - it is submit all suspicious files and data to analisys - in result - more viruses are known. Avira 10 - 99.8% with few false alarms - very good! Look at Free of charge Avast! 5 - 99.3% - more effectiveness with absolutely free of cost, few false alarms and the best scan speed. There is exist a thing, that can think about...

NIS 2011 is greatly improved performance of computer in Boot-time, but scanning speed is down to (18.6-13.3)/18.6=28% comparing to NIS 17.5 engine.

Alright scanning speed is very fast still. But when our product's the heuristic and submitting levels/components and URL blocker (by known links to malware, like it perfectly workinkg in Kaspersky and ESET), scan of malwaredomainlist.com items directly by Symantec virus analytics, effectiveness of dead-body scan will be more than 98-dot-something percents will be working better?

Many general problems are but now must be to switch to subject of topic...

I saw the work of Norton Community Watch (NCW) component in all engines of NIS 2010 till 17.7 version (don't know about 17.8):  "Submitted" status was appeared in maximum 1-1.5 days after each "incident" happened (from "Pending" through "Waiting" to finally "Submitted"). In 18.1.0.37 Norton Community Watch task starts only 1-2 times a day, then the "Pending" entries adding for 10-40 items per each day.

But I never turn off my computer and in daytime and during nighttime it is in Idle state, like it was during all engines of NIS 2010, in which NCW was working like exquisite.

So many samples with Heuristic detection (like Suspicious.Cloud, WS.Reputation.1 and other) cant be submitted to further analysis to Symantec and be Blacklisted via classic Virus definitions.

To lost samples - to lost effectiveness, but still (on 27-Sep-2010) in 18.1.0.37 Norton Community Watch Pending-Waiting-Submit task execution is working very badly, comparing to NIS 17.0-17.7 engines. Some days ago I help NCW manually - via direct execution for 50-60 times of the task from Norton Tasks window i have each sessions for 2-4 minutes long and in Security History the state of 1-3 old "Pending" items was changing to Waiting or Submitted. By the way: "Sample Submition" tasks was changed only to "Waiting" state and no one of mm... about 40-50 to "Submitted". But I can't do it always manually (and Sample Submission can't achieve the normally "Submit" state).

Since NCW Submission was working on NIS 2010 just fine, it is not normal in NIS 2011.

Constantly connected to Internet, running Win XP SP3 32 bit x86 English

Replies

Kudos0

Re: NIS 2011: Community Watch Failure

On my PC there are a couple of "waiting" processes.  It submits eventually (usually within 7 days). Hope that helps!

Norton Internet Security 2011 , Windows 7 Home Premium 64 bit (Check if you are eligable for a FREE Norton upgrade)Success is 10 percent inspiration and 90 percent perspiration.”--Thomas Alva EdisonI'm not a Symantec employee and my posts do not represent the views of Symantec.
Kudos0

Re: NIS 2011: Community Watch Failure

It is not helps for cloud all Norton users, but a piece of usable information in this topic, thanks.

But imagine that new viruses will be only start to analyze after 7 days if its existence. Users will be unprotected for 8 and more days while analysis and further blacklisted will be not completed. This is not normal, how you thinking? In NIS 2010 this period was for 0.5-1day at the average. Yes, not like lightning, but much more quicker than in NIS 2011, isn't it?

Norton team, how about 0.5-1 day submitting time like old-gold NIS 2010? 

7 days is like a tortoise...

What about technique? If this files will be deleted soon (by user or by itself or system or system cleaner programs), Norton will be not able to submit it? (In my case I do not deleting this files)

Or Norton have something like its own repository for such not-yet-to-be-submitted files? Not have? I think with this methodology products will be more effective.

Kudos0

Re: NIS 2011: Community Watch Failure

I think it may have some kind of cache cause the file got submitted AFTER I've deleted the orginal installation files.  Plus, in NIS2010, sometimes, Norton Community Watch sometimes "hangs" on a file that won't get submitted. On NIS11 it doesn't.

Norton Internet Security 2011 , Windows 7 Home Premium 64 bit (Check if you are eligable for a FREE Norton upgrade)Success is 10 percent inspiration and 90 percent perspiration.”--Thomas Alva EdisonI'm not a Symantec employee and my posts do not represent the views of Symantec.
Kudos0

Re: NIS 2011: Community Watch Failure

after 10 days nothings changed in security history - still "Waiting" status... as expected very doubtful working.

This thread is closed from further comment. Please visit the forum to start a new thread.