• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

Use of Norton Power Eraser in NIS 2012.

Hi.

I would like to know why I would need the Power Eraser, if NIS is actively protecting my system?

http://security.symantec.com/nbrt/overview.aspx?pname=NIS&pversion=19.1&layout=esd&env=prod&ssdcat=221&lcid=1033&serviceid=2&origin=stmnu&tooltype=nbrt&osver=5.1

Thanks.

Atomic Blast :)

"Every day is just another increment on the bell curve of life."

Replies

Kudos0

Re: Use of Norton Power Eraser in NIS 2012.

Not really sure. Why do you need a raincoat when you have an umbrella?

Dick Win 10x64 current current NSBU
Kudos3 Stats

Re: Use of Norton Power Eraser in NIS 2012.

Hello Atomic_Blast

Unfortunately, no one particular security program is 100 % effective. If you suspect that your computer might be infected and you want to get another opinion, I would try other scans first and then try using Norton Power Eraser after reading what it says on the page that you linked to.

I quote from the page you linked to:


You should use Norton Power Eraser only when nothing else will remove the threat and you are willing to accept the risk that the scanner may quarantine a legitimate program


If you do use the NPE, then you should report back here what it found before you let the program fix the problem

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.17.3.50 Core Firmware 282 I E 11 Chrome latest version.
Kudos1 Stats

Re: Use of Norton Power Eraser in NIS 2012.


Atomic_Blast wrote:

I would like to know why I would need the Power Eraser, if NIS is actively protecting my system?

Atomic Blast :)



Hi Atomic_Blast,

I think that it is possible to use Power Eraser beneficially in a type of read-only, diagnostic mode, and this can serve as a confirmation that your NIS system is doing its job so far. Also,  Power Eraser has a special option to check for rootkits that could be useful, especially if you think you might have been infected by a rootkit



What it means to use Power Eraser in diagnostic mode is to just let it run to completion, but never accept to

have the program Fix anything.  If you get a screen where Power Eraser claims that it has found some type of presumed threat that needs to be "Fixed" , then simply uncheck the box for Fix in each case, and proceed cautiously on to the next page.  Just be absolutely sure that you are not giving permission for the program to fix anything.

When the program runs to completion, it will first display the findings in a pop-up window:



After this there will be a log in XML format that can be seen by clicking on the View log link, and this can be a very useful thing, because it can indicate the likely names of any suspicious files aor malware.  You can then use these references to do further research before deciding whether or not you need to remove anything

At the end of the Power Eraser log it will display its findings in each of the main categories of scan, for example:

<Analyze DateAndTime="Tuesday, 04 October 2011 Time: 11:59">
- <Infections_Detected>
  <DRIVERS Count="0" />
  <SERVICES Count="0" />
  <PROCESSES Count="0" />
  <LAYERED_SERVICE_PROVIDERS Count="0" />
  <DESKTOP_SHORTCUTS Count="0" />
  <AUTORUN_FILES Count="0" />
  <STARTUP_ITEMS Count="0" />
  <BROWSER_HELPER_OBJECTS Count="0" />
  <BROWSER_TOOLBARS Count="0" />
  <BROWSER_PLUGINS Count="0" />
  <SHELL_EXTENSIONS Count="0" />
  <EXPLORER_PLUGINS Count="0" />
  <DIRECTORIES Count="0" />
  <FILES Count="0" />
  <SYSTEM_SETTINGS Count="0" />
  </Infections_Detected>
  </Analyze>
  </Session0>

RichD

HP-Mini 110 -1020NR (netbook) 2GB RAM, CPU N270 @1.60GHz, Windows XP Home, SP3, NIS 2011 18.6.0.29 (installed 12h00 GMT 18-JUL-11) , FF5,IE8
Kudos0

Re: Use of Norton Power Eraser in NIS 2012.

Hi everyone:

Thanks for the replies.

I think that components of Norton Power Eraser should be built into NIS 2012, as an "extended scan."

After all, if NIS is supposed to truly protect your computer, let's do away with some of the "eye candy"

and integrate the NPE with various options for novices and advanced users alike.

Atomic_Blast :)

&quot;Every day is just another increment on the bell curve of life.&quot;
Kudos1 Stats

Re: Use of Norton Power Eraser in NIS 2012.

NPE has a much lower threshold of proof required to convict a file of possibly being malicious than does NAV or NIS.  It has a much higher incidence of false positives and its detections carry much less certainty than the regular programs.  It is designed for use in specific situations where one is willing to assume the additional risks of accidentally removing legitimate, possibly important, files.  It was designed from the start to be a standalone program of last resort rather than an enhancement of the basic programs.

Kudos0

Re: Use of Norton Power Eraser in NIS 2012.

HI SendOfJive:


You wrote:

"NPE has a much lower threshold of proof required to convict a file of possibly being malicious than does NAV or NIS.  It has a much higher incidence of false positives and its detections carry much less certainty than the regular programs.  It is designed for use in specific situations where one is willing to assume the additional risks of accidentally removing legitimate, possibly important, files.  It was designed from the start to be a standalone program of last resort rather than an enhancement of the basic programs"


Hmm. Thanks for the clarification.

What is the overall  rate (of successful correction) when using the NPE?

From what you have said, I wouldn't use it casually, like MBAM or SAS.

Atomic_Blast :)

Edit - Typo.

&quot;Every day is just another increment on the bell curve of life.&quot;
Accepted Solution
Kudos0

Re: Use of Norton Power Eraser in NIS 2012.

Hi Atomic_Blast,

Improvements are being made to NPE all the time and the incidents of FP's are lower than they once were. However as others have said there will always be a higher risk of FP's using this type of tool.

It is safe enough to run the scan but caution is advised before letting it correct what it found. If there is any doubt about allowing NPE to remove a perceived threat one should post the results here first so more advanced users can weigh in on whether it is a legitimate detection or an FP which should not be removed..

NPE also unchecks any threats found through the more aggressive methods so that they are not removed by default. More caution is advised on those items as the risk of it being an FP are significantly higher.

When someone is infected and goes to one of the Malware removal forums such as BleepingComputer they are cautioned to not attempt to run any of the tools on their own because interpreting some of the results should be left to those with more experience in such matters.

In the end there is a definite value add in using NPE but it is primarily intended to be a tool which should be used when an infection is already suspect. If one can resist the temptation to remove things for no real reason, there is of course no harm in just running the scan.

Hope this helps.

Best wishes.

Allen

Windows 7 Ultimate SP 1, 64 bit, 32 GB * NIS Vers. 21.6.0.32* Ghost 15 * IE 9, Firefox, Safari. Test laptop with W7 Home Premium 64 bit * NIS Vers. 21.6.0.32

This thread is closed from further comment. Please visit the forum to start a new thread.