Q&A Norton Cloud Protection not working?

Andrew3000

Level 8
Verified
Feb 8, 2016
349
Hello,
I'm doing this post because I'm trying to figure out whether Norton's cloud protection works or not.
Let's take two files as an example:



Both are marked "Trojan.Gen.NPE". When right-clicking to scan, neither file are caught.
Now, I tried to contact the support (live chat + remote assistant) even so to test their support capability (forget it, the guy thought there were problems with Norton's cloud backup). When he realized he didn't know how to solve it he closed the discussion and disappeared without saying anything and solve the problem.

In attachment two images:
1) It shows that the malware "27be024154b7dc635dc635d75b8251d9bb4a6" is actually already known on Norton's cloud.
2) It shows that neither of the two files is taken
3) I avoid publishing the support log :^)

1607263632703.png
1607263591185.png

Statistiche scansione:
Inizio scansione:
Locale: 06/12/2020 15:11
UTC: 06/12/2020 14:11
Ora scansione: 0 secondi
Destinazioni scansioni: C:\Users\andre\Desktop\MALWARE TEST\AWB 8912230030.jar, C:\Users\andre\Desktop\MALWARE TEST\aa3d9e85c05f55a26f5e536d0330f35e4fb26d415d10933b4725de1d99eb1463.vbs
Totali:
Totale elementi sottoposti a scansione: 2
- File e directory: 2
- Voci del Registro di sistema: 0
- Processi ed elementi di avvio: 0
- Elementi di rete e browser: 0
- Altro: 0
- File attendibili: 0
- File ignorati: 2

Totale rischi per la sicurezza rilevati: 0
Totale elementi risolti: 0
Totale elementi che richiedono attenzione: 0

Minacce risolte:
Non è stato eliminato alcun rischio

Minacce non risolte:
Nessun rischio irrisolto
 

Andrew3000

Level 8
Verified
Feb 8, 2016
349
This is a known Norton behaviour I have also observed before. I have submitted threats to them and I have received email that they are "detected by the cloud". However, there was no detection from the home product, but Symantec Endpoint Protection detected it.
My assumption is that it's detected by the so-called early warning services, which are linked to Symantec Endpoint Protection, but not linked to consumer products. McAfee is the same.
One may think that if you have a cloud, as soon as something starts looking suspicious, it will be eradicated from all machines as soon as possible but obviously, this is not always the case.

That's why I have started to like Avast, as they don't keep early warning only for their endpoint products.
Terrible thing.
Practically these two malware are able to infect systems anyway since cloud protection does not seem to exist. So “when” the local signature will be created all devices will be protected.
 
Top