I'm running the very latest Norton Internet Security. I lost one activation (which upset me) because I had to reinstall it from scratch because the insight protection wasn't working.
I've had some instances in the past year when malware wasn't detected by Norton and that was very disappointing to me.
So, I've decided to intentionally go to malc0de.com/database and other malware zoo sites and download some malware and put Norton to the test.
I live updated the product to the latest and all settings and heuristics are set to the maximum. Sonar, Insight, etc.
I downloaded a trojan and various other malware and SONAR or Insight said absolutely nothing about it. This really lowers my confidence in the product. Isn't it supposed to be able to see it was a trojan, especially being set to maximum levels?
I'm surprised Symantec/Norton really didn't focus on their detection engine with this latest release. Anyone ever hear of HitMan Pro? That detects nearly 100%. I really wish Norton could match them.
Any ideas why Norton's engine has decided to turn a blind eye to some malware?
Norton has quite low signature detection. Nowadays it relies more on reputation/behavior than regular signatures. If you downloaded malware files it sounds strange that many would be missed, however - Norton is usually excellent at detecting bad files you download like that when there is an Internet connection. It does much much worse if you do a static right-click manual scan though. It has like half the detection rate of Kaspersky. That is disappointing to me - I understand their focus at making the product protect in real-time scenarios more than in static test, but with Symantec's resources, why can't they have great signatures as well? But as I said, SONAR and Insight not making a peep either doesn't sound like everything is working as it should. I have a hard time getting malware, even new malware, past all layers of Norton.
See, I'm running Win 8 pro in a virual machine. I really wanted the best, and that would be Bit Defender. Except, bit defender doesn't work well with my virtualization software.
Norton always had a great reputation. And that's the reason I'm feeling let down a little bit.
I right click on a file, to trigger a manual scan and it says, "no threats found."
i discovered that i have now in quarantine some files wich i didn't have warning try and check you're history for events regarding threats and you're quarantine maybe it detected but didn't warned of them just solved them
I just don't understand why Norton can't see these new malwares.
There are soooooo many options in the new version. For instance -- early launch anti-malware protection is an OPTION? Who wouldn't want that enabled? Also, SONAR advanced mode? Rootkits and stealth items scan?
Why are these options to enable and disable? They should be part of an all encompassing scan singular option. They are probably doing this to make you feel like you are receiving more product for your money, which is fine, but when it comes down to the nitty gritty, I bet most of the people on these boards just love Norton and don't really test it for malware.
I have throw quite a bit at it the past twelve hours and a good bit of the time it just sits there with its teeth in its mouth.
It's a very poor product, and I'm beginning to think trademarks like SONAR and whatnot are utter rubbish.
Thank you for that information. I will contact them about it.
Look, I'm not trolling here trying to trash the product -- I'm just disappointed in it.
Have you tried Hit Man Pro? Its detection rate is the best in the industry. The only downside (and this is a big one) is that it doesn't offer real-time protection.
malc0de has a lot of grey (aka PUA, PUP) software. Symantec has very strict criteria for what a piece of greyware has to do for it to be considered malicious. Ofcourse this criteria varies from vendor to vendor.
If you have a sample that you dont believe is a PUP, that you downloaded via real-world methods i.e. through a browser, email, etc., and it still wasn't detected even after running it, let us know.
What do you mean by grey PUA/PUP? What does that mean?
Also, could you tell me how to do an insight scan on my virtual machine and if those insight files are trusted, does it just skip them and makes subsequent scans faster? I'm confused on this.
It would be nice if someone like Quads could comment on this. We've read that Norton is weak at Ransomware/PUPs compared to other programs like Kaspersky and Bitdefender.
Is this not true or is there some basic functinality in those programs that allow for this type of detection that is missing in Norton?
I'm not saying those programs are better overall when comparing reliability, detection, support and performance.
PUP are Potentially Unwanted Programs that may be annoying but do not actually damage or compromise a user's system. Some users actually want the 'features' offered by these programs.
For those reasons, Norton does not look for PUPs. Other on demand malware scanners will find these for you, while Norton concentrates on malware that can damage your system.
What do you mean by grey PUA/PUP? What does that mean?
Also, could you tell me how to do an insight scan on my virtual machine and if those insight files are trusted, does it just skip them and makes subsequent scans faster? I'm confused on this.
Thank you.
You cannot scan the virtual machine files on the hard drive, if that is what you are asking. You need to install a security product within the virtual machine and scan from within the machine.
BTW Your issue with the Norton reinstall...You should not be charged for an additional install if reinstalling on the same hardware. But your installation into your virtual machine WILL be counted as a second install.
I upgraded to 2014. Insight wasn't working. I used the remove and reinstall tool which didn't work. I went to the control panel and reinstalled.
NIS 2014 asked for my email addy and norton password which I entered. Boom. I just lost one install credit. I don't think this is fair. Yes, it was reinstalled in my virtual machine, but it was due to a technical problem.
I was away from windows for ten years because of this sort of nonsense. I wonder why I returned.
What I'm asking is that in the last version of NIS, there was an option for default scanning to exclude trusted/insight items. This made the scan proceed more quickly.
I can't find that in the current version, unless it has been unnecessarily moved.
PUP are Potentially Unwanted Programs that may be annoying but do not actually damage or compromise a user's system. Some users actually want the 'features' offered by these programs.
For those reasons, Norton does not look for PUPs. Other on demand malware scanners will find these for you, while Norton concentrates on malware that can damage your system.
Many other AVs have much much higher signature detection rates than Norton on dangerous malware as well.