Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Norton Security 360 Deluxe 2023
Message
<blockquote data-quote="Trident" data-source="post: 1036123" data-attributes="member: 99014"><p>Sometimes due to the IPS block, the program can’t continue with its malicious behaviour and this is the reason why it’s not picked up by other components.</p><p>This can be observed with other anti-bot components such as the Avast Resident Shield, Bitdefender Online Threat Defence, CheckPoint/ZoneAlarm Anti-Bot and others that block malicious traffic.</p><p></p><p>I am not sure what’s the reason for Symantec/Norton not to remediate programs instantly once they’ve generated an IPS-detected traffic, as far as I remember, Kaspersky System Watcher and Avast instantly remediate programs if there is traffic to a suspicious host. That, plus the program not being widely used and signed should be a clear evidence that it shouldn’t be left.</p><p></p><p>That’s one thing they really need to look at. For example CheckPoint can be configured to start incident remediation straight away.</p><p></p><p>Nevertheless, the traffic is blocked so it can’t do its harm. Power Eraser scan is advised to clean the infection. They should just start a background scan with it and remove everything.</p><p></p><p>I am not a product manager there sadly.</p></blockquote><p></p>
[QUOTE="Trident, post: 1036123, member: 99014"] Sometimes due to the IPS block, the program can’t continue with its malicious behaviour and this is the reason why it’s not picked up by other components. This can be observed with other anti-bot components such as the Avast Resident Shield, Bitdefender Online Threat Defence, CheckPoint/ZoneAlarm Anti-Bot and others that block malicious traffic. I am not sure what’s the reason for Symantec/Norton not to remediate programs instantly once they’ve generated an IPS-detected traffic, as far as I remember, Kaspersky System Watcher and Avast instantly remediate programs if there is traffic to a suspicious host. That, plus the program not being widely used and signed should be a clear evidence that it shouldn’t be left. That’s one thing they really need to look at. For example CheckPoint can be configured to start incident remediation straight away. Nevertheless, the traffic is blocked so it can’t do its harm. Power Eraser scan is advised to clean the infection. They should just start a background scan with it and remove everything. I am not a product manager there sadly. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
