Norton 2012 Product Line Released

Will you buy a Norton 2012 product?

  • Yes

    Votes: 4 25.0%

  • No

    Votes: 6 37.5%

  • I already have a license key for Norton 2012

    Votes: 6 37.5%

  • I might do that in the future.

    Votes: 0 0.0%
  • Total voters
    16
Status
Not open for further replies.
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Since its like NIS was having trouble to retrieve back, probably due to the malware that executes numerously and NIS was shut down.
 
Littlebits

Littlebits

Retired Staff
May 3, 2011
3,893
HeffeD said:
darkelixa said:
Languy99 just tested Nis 2012 and it failed big time
Click to expand...

Click to expand...


Nothing against Languy99, but I never take video tests serious.
I don't believe it was a fair review for Norton because when Norton missed that one rootkit it disabled Norton and it couldn't finish its job detecting the rest.

There is not one single AV that can detect all rootkits, in this case Norton couldn't detect this rootkit and maybe other AV's as well. This shows you that just about any AV would fail this complete review just by missing one rootkit.

Norton should have been re-tested leaving out that one rootkit that disabled it and see how it would have did on the first system reboot.

I know Norton sometimes doesn't detect or remove some malware until the first system reboot.

To myself the review is incomplete. I'm not a Norton fan, but I believe this test would be not fair to any AV reviewed in this method. Miss one rootkit = failed?

Thanks.:D
 
Last edited by a moderator:
Littlebits

Littlebits

Retired Staff
May 3, 2011
3,893
darkelixa said:
Well the system was not usable so yes its a fail
Click to expand...

That's because it missed one single rootkit.
So in other words any AV that misses this single rootkit equals fail?
Sorry I don't see the logic since NOT every AV can detect every rootkit.
Unless there is unknown AV with 100% detection rate that I don't know about.

I'm sure if I looked and around, I could find a rootkit or other malware that could disable just about any AV and render the system useless. But would it be fair to use that malware to review a product and not allowing that product to finish its job?

It is very easy in a video review to make a product look bad or good.

For example, if I would to make AVG look bad, I would use malware sample that I know AVG wouldn't detect. If I wanted to make it look good, then I would only use malware samples that I know it would detect and remove.

Even if Languy99 is a honest man and really tries to make fair reviews there is still room for human error. But if he is trying to promote another competitor, it would be easy for him to falsify his reviews. I'm not saying anything good or bad about Languy99, I do enjoy watching his reviews just don't totally agree with all of them.

Good day.:D
 
MetalShaun

MetalShaun

Level 1
Mar 3, 2011
424
It may have only let through one rootkit but its a ROOTKIT!. Thats like saying my alarm is really great it only let in one burglar, he has emptied my house of everything I own but he could have broke into any house on the street.
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Seems its only unlucky to a specific AV to missed some nasty rootkits as no 100% can't do well. So from clicked random undetected file its not to be expected it will be failed.
 
MetalShaun

MetalShaun

Level 1
Mar 3, 2011
424
All it is is the limitation of signatures. Which IMO also shows a company limitations in innovating and shifting with the threat landscape to protect end users.
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Sonar was the one in action for removing suspicious behavior.
 
H

HeffeD

Level 1
Feb 28, 2011
1,690
umbrapolaris said:
with a HIPS it will surely be caught
Click to expand...

It is caught by a HIPS.

@ littlebits, you are correct. Every test you see on YouTube needs to be taken with a grain of salt. I don't actually watch very many of them because these tests are extremely subjective.
 
eXPerience

eXPerience

Level 1
Mar 7, 2011
248
I also agree with Littlebits, no need to panic after 1 test.

I also agree with HeffeD, that most HIPS would probably have detected it it, however, the crucial problem with HIPS is, that it's only as strong as the person answering the pop-ups. There is no need for a program that gives you notifications for every different application that does whatever action, if you do not have to person that can answer correctly.
So I agree that HIPS would detect it, but I disagree that HIPS would prevent it.

HIPS will surely catch it, but then you will be faced such questions. And remind that you're a complete newbie when reading next warnings !

Lets see, an obvious one :
Accessing the physical memory is not a common operation for everyday applications. It is occasionally used by system profiling software. However most of the time, this is exploited by malware. The consequence of a malicious code obetaining direct physical memory access can be a complete system take over by this malicious code.
Click to expand...
--> Well action is pretty obvious here --> Block

more difficult is this one
whateverapplication.exe could not be recognized and is about to connect to the Internet. if it is one of your everyday applications, you can allow this request.
Click to expand...
now, as a newbie I have no freaking clue.

Even more tricky is this one :
The parent application that is accessing the target application in memory will allow the parent application to fully control the target application. This is a common technique used by many target applications as well as many malware. If whateverapp.exe is one of your everyday applications, you can allow this request.
Click to expand...
Now, shall I allow it or not ? I wouldn't have a clue (considering I would be a newbie of course :p)

And we have a (confusing) winner
Defense+ malware heuristic analysis has detected possible malware behavior in whateverapp.exe
However if you are not sure whether or not whateverapp.exe is a virus, please submit is for analysis...
Click to expand...
Well, shall I allow it or not ? If I'm a normal pc user, I wouldn't even have a clue...


So are there any other possibilities available that are not yet implemented in NIS ? Not that I know of. -->
So is NIS a good program ? Yes
Is it 100% bulletproof ? No
Is there any other application, even with all the pop-ups 100% bulletproof ? No
Should you panic because it failed 1 test out of so many ? No

Therefor I think that NIS is one of the, if not the, best antimalware suite for most available right now.
Of course to achieve user friendliness, you have no other choice than to lower the vastness and the extent of the program, that is, until new visions and anti-malware technology comes out.

eXp
 
MetalShaun

MetalShaun

Level 1
Mar 3, 2011
424
I agree eXperience that there is no need to panic, but it should not be ignored either. If this can be easily reproduced then I believe this could be a big problem for Norton.
 
Littlebits

Littlebits

Retired Staff
May 3, 2011
3,893
eXPerience said:
I also agree with Littlebits, no need to panic after 1 test.

I also agree with HeffeD, that most HIPS would probably have detected it it, however, the crucial problem with HIPS is, that it's only as strong as the person answering the pop-ups. There is no need for a program that gives you notifications for every different application that does whatever action, if you do not have to person that can answer correctly.
So I agree that HIPS would detect it, but I disagree that HIPS would prevent it.

HIPS will surely catch it, but then you will be faced such questions. And remind that you're a complete newbie when reading next warnings !

Lets see, an obvious one :
Accessing the physical memory is not a common operation for everyday applications. It is occasionally used by system profiling software. However most of the time, this is exploited by malware. The consequence of a malicious code obetaining direct physical memory access can be a complete system take over by this malicious code.
Click to expand...
--> Well action is pretty obvious here --> Block

more difficult is this one
whateverapplication.exe could not be recognized and is about to connect to the Internet. if it is one of your everyday applications, you can allow this request.
Click to expand...
now, as a newbie I have no freaking clue.

Even more tricky is this one :
The parent application that is accessing the target application in memory will allow the parent application to fully control the target application. This is a common technique used by many target applications as well as many malware. If whateverapp.exe is one of your everyday applications, you can allow this request.
Click to expand...
Now, shall I allow it or not ? I wouldn't have a clue (considering I would be a newbie of course :p)

And we have a (confusing) winner
Defense+ malware heuristic analysis has detected possible malware behavior in whateverapp.exe
However if you are not sure whether or not whateverapp.exe is a virus, please submit is for analysis...
Click to expand...
Well, shall I allow it or not ? If I'm a normal pc user, I wouldn't even have a clue...


So are there any other possibilities available that are not yet implemented in NIS ? Not that I know of. -->
So is NIS a good program ? Yes
Is it 100% bulletproof ? No
Is there any other application, even with all the pop-ups 100% bulletproof ? No
Should you panic because it failed 1 test out of so many ? No

Therefor I think that NIS is one of the, if not the, best antimalware suite for most available right now.
Of course to achieve user friendliness, you have no other choice than to lower the vastness and the extent of the program, that is, until new visions and anti-malware technology comes out.

eXp
Click to expand...

I couldn't of said it better myself. Excellent. ;)
I would also like to add besides HIPS, common sense could have prevented the rootkit as well. I wonder which would be easier to learn?

Good day.:D
 
H

HeffeD

Level 1
Feb 28, 2011
1,690
eXPerience said:
HIPS will surely catch it, but then you will be faced such questions. And remind that you're a complete newbie when reading next warnings !
Click to expand...

Yes, if you don't know what a com or hook alert means, you could just as easily allow this rootkit to install.

As you've said, there is no such thing as 100% security, and one failure doesn't mean the sky is falling.
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
They are more test to come with NIS since its only one failure then not a big deal of it. If you trust the program then no reason why you will change another product.
 
Status
Not open for further replies.

Similar threads

TuxTalk
    • Like
    • Thanks
    • Applause
New Update Norton Security 22.24.1.6 for Windows is now available!
Replies
51
Views
5,943
Norton
simmerskool
simmerskool
Trident
    • Like
    • +Reputation
    • Applause
New Update The New Norton for Mac: First Look Exclusively for MalwareTips
Replies
44
Views
4,219
Norton
bjm_
bjm_
Bot
    • Like
Norton Security 22.23.10.10 for Windows is now available!
Replies
0
Views
940
Norton
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top