Cautionary tale about Norton Internet Security

[Larry_R]

Hi folks,

This is a cautionary tale about Norton Internet Security. Yes, I know it's trouble but I have/ had been using it for a very long time and I relied on the idea that the devil you know is safer than the one you don't know. I'd learned the idiosyncrasies. And I use my machine for a lot more than running a sim.  But lately  NIS was doubling the time it took to load P3D (why P3D and not FSX I don't know) and I was getting more and more false warnings about stuff I use all the time.

So I decided it was time to bite the bullet and dump NIS.  The un-installation was reported as 'successful' and a restart was needed. That resulted in a blue screen and on re-booting the system was un-useable because of a rapidly flashing screen.  Who knows the ultimate cause, but apparently NIS can such things by their own admission.

My guess is that NIS was also 'protecting' my automated internal backup, and that disk was altered such that on re-boot,  Win 10 fixed it, ha ha,  made it inaccessible!  I tried various boot options for a while and then it dawned on me; other than my monthly disk clone, an entire year's work  was at now at risk and at that point was  inaccessible. That forced what I had been meaning to do; a clean Win 10 install with the ISO CD I had made.  Once installed, the gods were on my side and all my files (including all of CAC8!)  were still intact on the old boot SSD.  

Now with a clean Win 10 install and using Win 10 Defender and Malware Bytes, P3D v3 with PNW  plus my stuff loads in 30 seconds where as prior took between 2 and 5 minutes depending on whether or not I had enough exclusions in NIS, most of which are not that intuitive.

I should say that I can't blame everything on NIS; I'm sure the clean Win 10 install has helped. I'm really quite amazed at how much faster my system is now.

As for the moral of this story, I guess you can draw your own conclusions.  For me at least and knowing what I know now, it broadens the definition of ransomware.

[John Dow]

lol.  I just run the Windows firewall and don't click on links from sources I don't know.  Has kept me safe for years now.

 

But I am also a bit troubled by the concept of ransomware that is being reported, one little mistake and it's pay up or lose.  So I am looking at options for saving a safety copy off-computer and only accessible when I action it, ie no matter how sophisticated the intrusion it can't access the copy because it's not linked to my computer except at backup time.

 

Mostly though I keep photos and My Documents on an external HDD and if I had to lose the rest to a rebuild well so be it, I would never pay ransomware that's for sure.

 

BTW one little trick: if you think your computer may be hacked, turn it on but don't do anything  (turn off email etc) except call up the Network Properties popup and take a note of the data down and up figures after it has settled down. They should be static if you don't have any programs running.  (Obviously if you have P2P software this won't work).  Come back after a couple of hours and the figures should be just about the same.  If however it shows any sort of significant data movements it would be a good idea to find out what caused them.

 

I purchased an old computer for my parents and installed it but was frustrated because performance was poor.  I discovered that the seller had pre-loaded a trojan and was busy accessing the information from the computer. It was the data up and down figures that gave it away.  

[boleyd]

Although Norton is free to Comcast customers (not latest version), after trying it twice I removed it. Fortunately I did not have the extensive issues as did the author. These "do-all" type of programs have been around since before PCs and they usually die from their own weight. It is difficult to adapt them to the latest base OS or when new coding structures appear.

 

Windows Defender is getting better test results but the customer that trolls "off-brand" sites is possibly more at risk than with one of the highly rated non-Norton products. I also use MalWareBytes as well as an anti-virus called Webroot that keeps its virus definition files on the "cloud". I may dump Webroot because it does not have Exclude capability and wastes time scanning and monitoring P3D files.

 

It is like a horror movie. You are trapped in a village and the Living Dead are at the gates. In this case the the zombies have not lost their brains and continue to plot ways to breach your walls.

[jabble]

Something scary about recent ransomware reports (e.g. Dino Cattaneo's issues) is that external drives are also affected.  This applies to both USB drives and network shares.  Hence for safety, use the cloud and/or network drives that are NOT shared, e.g. a NAS with it's own non-Windows file management to drag files to/from the PC.  That way if your PC is hit, the virus can't directly access the non-shared areas to encrypt them.

[birdguy]

I've had no problems with Microsoft Security Essentials.  But I never open an e-mail if I don't know who it's from.

 

Noel

[fltsimguy]

These sort of discussions can bring out another this is better than than debate on which anti virus software is the one to use.

 

I have been subscribed and using Norton 360 for ever.  It works great, it is scheduled to run all sorts of performance things like defrags etc.  I never had to do much or worry about much.

 

I do get some false positives and file remove, only to be given an immediate "restore from quarantine" option, and exclusion of file or folder.  So it is no big deal.

 

It ain't broke so I'm not going to fix it.

[Hobnobs]

No amount of anti-virus/anti-malware can protect you against zero-day threats anyway. So the rule should always be; "If you didn't ask for it, trust it you will not."

[cwam]

On 6/5/2016 at 8:12 PM, fltsimguy said:

These sort of discussions can bring out another this is better than than debate on which anti virus software is the one to use.

 

I have been subscribed and using Norton 360 for ever.  It works great, it is scheduled to run all sorts of performance things like defrags etc.  I never had to do much or worry about much.

 

I do get some false positives and file remove, only to be given an immediate "restore from quarantine" option, and exclusion of file or folder.  So it is no big deal.

 

It ain't broke so I'm not going to fix it.

 

I tend to agree - I use Bitdefender myself, but no matter what AV SW you use, if it is doing its job it will slow down your PC to at least some degree.  It is the price you pay to be protected.  You just get used to how your choice of AV SW works.

 

Regarding the other things people have brought up here:

 

I also agree with what others have said here - it also takes a little bit of common sense! Being wary of weird emails etc.  I have found Google has been pretty good at filtering out a lot of rubbish (just compare your gmail Spam folder to your inbox!) - but there is always some stuff that gets through.  Be very wary also of giving your email address out - lots of sites ask for it; I often use nml@nomail.com if I am forced to enter an email address for a site I am trying out. That email does not, of course, exist; some sites are getting good at detecting fake emails as well, but you can always set up a gmail or hotmail email that you have no intention of ever using except for these kinds of sites - they can send whatever junk they like to the gmail server, it will never make it onto my PC unless I set it up in Outlook which I will never do!

 

As for ransomware; I have found that protecting against it is a real pain because any time I install something it almost inevitably triggers off a ransomware alert and gets denied by BitDefender; eventually I just turned that feature off when I am installing something; but you have to remember to switch it back on again afterwards!

 

Finally, as regards W10; I have it on my notebook, but my main PC is still W7; I am not convinced yet about the move.  I especially don't like being forced to install updates.  i usually like to let major updates "settle" a bit (i.e. I like to let other people find out what the bugs are and have their systems messed up, and then a fix issued!!) before I install them.  W10 removes that option.  If updates are available they will install when you shut down or restart.

 

That being said, my wife had W8 on her notebook - *anything* would be better than that (well, apart from VISTA...!) She updated to W10 as soon as it was available!

[jsapair]

I went the NIS deletion route, too, but it kept popping its head back up. Just deleting the program normally and/or using the Norton Uninstall Tool does not remove all of it. This guy takes you through the manual deletion process, including the registry entries. Might be worth a look even if you think you have deleted Norton already.

 

http://www.askdavetaylor.com/how_can_i_fully_remove_norton_antivirus_from_my_system/

 

                                                         jsapair