Run a Full System Reputation Scan on your system

IN most cases I have seen in the recent past that some important files especially from popular software utilities come as unproven (have noticed this for files from Mozilla Firefox 7.x and Skype). Provided below is a screenshot. The sample given below is of installer files

Hi royabrahamm,

The trust status of a file is based on things like feedback through Norton Community Watch and direct study of a known-good copy of the file.  Until a good reputation can be established, the file will be listed as unproven, which is neither good nor bad, just undetermined. 

Thank You for the reply - but that can be a solution for unknown software providers - not for the really big names like Skype and Firefox. Just Imagine if another website marks all files from Norton as Unproven - will that make the team feel good about that. Skype and Firefox are also big companies like Norton.

I believe most of the major software vendors whitelist their files with Symantec, but it is not uncommon to see brand new version installers unrated occasionally.  Unproven is not supposed to have a negative connotation, although many users seem to interpret it that way.  If you ask my opinion of a movie that I haven't seen and I respond that I don't know if the movie is good or bad, you wouldn't automatically conclude that the movie is horrible, would you?  Come to think of it, some of the movies I like are actually pretty horrible.  Bad example.

Giving you a kudos for the reply but still not able to accept as solution for now...

Thank You anyways

Hi :)

I run a computer company and regularly download and install files from MAJOR manufacturers such as Dell for drivers etc....

The original poster has a valid point...... Dell drivers are ALWAYS found as suspicious and NIS 12 wants to delete them and I have to override Nis every time....there is absolutely nothing wrong with these files and Symantec needs to apply some common sense here...if its from a Major manufacturers site, then the file is pretty likely to be fine..... warn maybe but threaten to delete ...no...thats way over the top...

All the best Brett :)

Thanks Brett...I really think someone in Symantec must really take a look at this..since this is definitely lowering down the potential or suitability of using the reputation scan...

It is something like this

In the case as shown above in my original post I will definitely be hesitant to run a reputation scan again because it still does not give me a 100% result...it only tells me for example 98% is good ...and the critical part -- well the 2% is unproven and thus is your headache :-) ... even in the case of poor reputation files...details of the reason for the poor reputation are not explained clearly...

---

royabrahamm wrote:

In the case as shown above in my original post I will definitely be hesitant to run a reputation scan again because it still does not give me a 100% result...it only tells me for example 98% is good ...and the critical part -- well the 2% is unproven and thus is your headache :-) ... even in the case of poor reputation files...details of the reason for the poor reputation are not explained clearly...

---

The goal of the Reputation Scan really isn't to achieve a score of 100% trusted files.  Every system is going to have some new or obscure files that are either unknown or unproven (or bad).  From a security standpoint, those are the files we're most interested in.  The purpose of the Reputation Scan is to help Norton to know which files are confirmed safe, and which files to keep an eye on.  The 2% unproven files in your example are not actually a headache left for you.  Those are the ones that Norton will monitor most closely, precisely because they are not yet trusted.  While the information displayed in the Reputation Scan results can be of interest to the user, the data is primarily intended to help Norton  protect you more efficiently by focusing resources on those files that could potentially be dangerous, rather than on those that are already known to be safe.

Thank you for the answer - but unfortunately it is not convincing enough

reason is given below as a crude example (sorry - but this is my personal opinion)

let us assume the 2% from a popular provider software files are still unproven even days after release

it is like saying that 2% of the most destructive virus which is out in the open days ago still does not have a cure thorugh Norton - Norton uses this information to analyse and react after all the destruction is done

Also about the movie example (as quoted earlier)

Imagine I want to check reviews for latest good movies from a popular site like rottentomatoes.com - if 2% of the most popular movies are not listed on this site - people will look for another site where they will get 100% information especially days after the movie release

I am leaving this note as I am seriously concerned about the negative effect this is causing to Norton

---

royabrahamm wrote:
let us assume the 2% from a popular provider software files are still unproven even days after release

it is like saying that 2% of the most destructive virus which is out in the open days ago still does not have a cure thorugh Norton - Norton uses this information to analyse and react after all the destruction is done

---

If 2% of the files remain unproven after several days the only thing it means is that Norton will continue to scan them and watch them for any suspicious actions.  That's it.  Prior to the introduction of reputation scanning, all files were unproven.  Security programs that do not use reputation scanning still consider all files unproven.  This means that the operations of all files have to be closely watched, which can slow system performance.  The goal of reputation scanning is to lessen the impact that Norton has on your system by sorting out the known trusted files so that resources are not wasted continually monitoring them.  An unproven file is simply not yet vetted.  From a security standpoint, there is absolutely no harm in this.  Trusting a file simply makes Norton operate more efficiently, it does not make you any safer than you already are.

Brettt,

<< ...I really think someone in Symantec must really take a look at this >>

I flagged this for them yesterday so give them a little time .... they have a lot going on at present, unfortunately ....

But meanwhile I see some confusion between Reputation and Dangerous. If only a few people have downloaded a file and if Reputation is based on user experience then the only thing that changes the Reputation is the number of people who are using it.

As SoJ says it has nothing to do with whether it is infected or free. If it is infected then Norton will catch it whether it's reputation "number" is low or high.

From HELP:

FWIW