Hello.

Once again, I want to ask the developers, when it will be and whether it will include support for a Download Insight archive zip and 7-zip.

Many users,

(One of the examples)  http://www.wilderssecurity.com/showthread.php?t=337614) 

causes bewilderment that, in tests conducted at the forum Safetygate

Link  http://safetygate.ru/forum/index.php?topic=1319.msg109844#msg109844

production Simantek holds leading position.

In many English-speaking and not only the forums test the malicious files packed in archives zip and 7-zip.

Norton Download Insight does not work with these archives. Hence the understated detection.

In addition the lack of support for zip archive, which is a staffing for Windows users, is a direct threat

Example.

MBR Winlock

https://www.virustotal.com/file/6bf2adccfdc38eb150955135f4cad935325b2ff76e41eda1529b7b6bec2bdd5f/analysis/1355766197/

destruction: MBR infected. The drive is not visible (not mapped)

three tests.

1. Archive zip. Test failed (Download Insight is not working) Sonar not responding.

http://youtu.be/f1Tchosc4mc

2. Archive RAR. Test passed. Download Insight allert, if you choose to continue the program-lock Sonar.

3 Archive zip. The firewall in manual mode. Test passed.

Of communicating with multiple users on several forums, I know that this problem many worries, and even more stops from using Symantec products.

I hope developers will meet the wishes users to make products better

Norton forever.

Thanks.

This looks a lot like a message that should be posted in the Suggestions forum

At the Russian-speaking forum - safetygate.ru, computer security fans (pros) on a regular (almost daily) basis are conducting tests of various popular antivirus products, including NIS 2013 and Norton 360 20.2.019. And Norton AVs are always getting very high detection rates. See the results.

On the other hand, at Wilders Security Forums, computer fans don’t believe that those tests at safetygate.ru are accurate. The Wilders Forum members have very mediocre opinion about Norton’s detection rates. Why do we have such different detection rates?

The Russian testers discovered the reason for such a big discrepancy in the test results done by safetygate.ru and the other companies in the West. 

At safetygate.ru, they are using malware packed in RAR files. Norton is very good with RAR files; therefore, the results from the Russian testers put NIS 2013 or Norton 360 always on top. 

Recently, the Russian testers did a test by using malicious software packed in Zip files.

And Norton’s detection rates went down, because Norton Download Insight does not work with Zip or 7-Zip archives.

The testers from safetygate.ru did a different test. This time they tried AV products with Trojan.MBR Winlock. If Trojan was packed in RAR files, Norton’s AV passed the test with flying colors.

When MBR Winlock was hidden in the Zip file, Norton failed miserably.

What can the developers of Norton’s AV do about the detection rates of malicious files hidden in the Zip files?

Those results I don't like, wonder who will figure out why??

Quads

---

Quads wrote:

Those results I don't like, wonder who will figure out why??

 

Quads

---

Ok, I'll bite.

Why is there different results for NIS & N360?

Dave

Quads wrote

Those results I don't like, wonder who will figure out why??

 Seems suss that what looks like the Russian version had the best results......

Nope that is not it.

Quads

 Quads  ?........Wrong version number for Norton 360 ? Current version is 6.4.0.9, I believe......

---

F4E wrote:

 Quads  ?........Wrong version number for Norton 360 ? Current version is 6.4.0.9, I believe......

---

That's the latest version of v6, but v20.xx is the current version

Krusty, I stand corrected. I don't use Norton 360.......

Not got it yet

Quads

No, but why is A) brand + B) brand = X%?

And how did KIS score so low?

Are you going to give us a hint?

Dave

To me those results are stuffed.  they have Multi AVed.

AV (IS etc)1 + AV 2.

Be like users that have problems of Norton + AVG,  and like the user with Immunet + Norton + IOBIT care + Fighter.

Also it compares Different AV products with non AV products,  Products that won't detect Boot Sectors etc. 

Quads

---

Quads wrote:

To me those results are stuffed.  they have Multi AVed.

 

AV (IS etc)1 + AV 2.

 

Be like users that have problems of Norton + AVG,  and like the user with Immunet + Norton + IOBIT care + Figter.

 

Quads

---

That is what you keep telling us.  One AV only

http://community.norton.com/t5/Norton-360/AVG-detects-JS-Phish-in-norton-360/m-p/837240/highlight/true#M81249

Dave

Face palm. Of course. No-one in their right mind, would use two real time AVs, as Quads has been at pains to point out. Just don't do it. Leave Norton to look after you, and use programs like Malwarebytes and SuperantiSpyware free editions, SOLELY as scanners. Good advice.....

Quads wrote:

Those results I don't like, wonder who will figure out why??

Quads

This table is the result of a single test.
In my first post is a link to many results.
These tables are only the results of tests for detection.
Methodology: The archive of malware (N)
1. Unpack the archive (as found when unpacking) (A)
2. scan (as found in a scan) (B)
Result (R)
R =( A + B)/Nx100

Each tester has a favorite AV.
Believe the results will be checked again.
In addition to this simple test, and many others.
In tests on the dynamics of Kaspersky shows some of the best results.
But we digress from the topic.
You can check out the latest malware detection Norton packed in RAR and ZIP archives.
The results will be very different

Hi.

Correct me if I'm wrong : No AV vendors (including Norton) can scan Zip/Rar file for malware until the file is completely unpacked.

Thank you.

@ AntiMalware,

Those safetygate.ru tests and Prior's posting clearly show two things:

1. Norton is very good with RAR files.

2. Norton is very bad with Zip or 7-Zip files.

"1. Malware in Zip file. Test failed. Download Insight did not work. Sonar did not respond.

http://youtu.be/f1Tchosc4mc

2. Malware in  RAR file. Test passed.

This thread is not to criticize Norton/Symantec but LET Norton's developers know about the problems.

The following is a new test on Trojan Winlock Virus from "safetygate.ru" done on 12-20-2012.
AVs in green color - passed the test, AVs in red - failed the test.
http://upyourpic.org/images/201211/5okmpfisxc.png

@ F4E,

"No-one in their right mind, would use two real time AVs". I think it's time to take a new look at that "unquestioning belief".

You can use two AVs on the same computer with one exception.

The primary AV, let's say AVIRA should be in the Standard/Real-Time protection mode, but the second AV, let's say, Kingsoft Antivirus, should be set in "Quick Mode". 

I've been using Kingsoft AV as my second AV without any issues.

The following are some test results from "safetygate.ru". 

348 malicious files. Date: 12-14-2012:

Avast with KingSoft has better detection rates than just one Avast or one Kingsoft.

On the other hand, THE NUMBER ONE AV "from AV-Comparatives", BITDENDER, scores bad at "safetygate.ru"