« previous next »
Pages: [1]

Author Topic: Norton Alert  (Read 4856 times)

Lawgiver

  • Jr. Member
  • **
  • Posts: 52
Norton Alert
« on: November 23, 2014, 02:24:47 am »
Hello Umberto,

Hope all is well in your corner of the world.  I have a question about Norton alerts.  I know the general feelings concerning Norton anti virus but for the time being it's what I'm stuck with until my subscription runs out at which point I would like to go with Nod32.

Normally the alerts are usually "WS.Reputation.1"  I know these are false positives and have dealt with them accordingly.  
However, today something new has been added to the mix.  This alert I have not seen before.  I have copied a portion of the log file below.  After doing some research on this matter, this appears to be a new alert based on the recent updates being pushed by Norton.

Just wanted to check with you guys that all is still fine regarding this new alert as well as notify the other FSDT Norton users of this possible issue.  I just didn't want to assume this was another false positive for obvious reasons.  Thanks for your time.

Regards,
Rob

     "Downloaded File couatl_updater.exe Threat name: SAPE.Heur.54ba from virtualisoftware.com
Source: External Media klas_fsx_setup.tmp"

« Last Edit: November 23, 2014, 02:26:47 am by Lawgiver »
Logged

virtuali

  • Administrator
  • Hero Member
  • *****
  • Posts: 50691
    • VIRTUALI Sagl
Re: Norton Alert
« Reply #1 on: November 24, 2014, 09:45:54 am »
That's obviously a false positive. It should have been clear by the fact it was (as you say) "a new alert based on the recent updates being pushed by Norton", since the Couatl_Updater.exe hasn't been updated since a couple of months.

The tell-telling it's an antivirus bug, should be the name of the supposed threat, which contains the dreaded "Heur" word. When Heuristic is used, it means the antivirus doesn't really KNOW that is a threat, it's just guessing it, and it's basing its assumption on ANOTHER false assumption it made. In this case, the new "update", made the antivirus "smarter", trying to detect related threats.

In this case, since the Couatl_Updater *downloads* something from our site, and the site is the same as the site something THEY mistakenly think (because of THEIR bugged software) contains something dangerous, they also flag the downloader too.

There's really no reason to keep using that bugged antivirus, if you keep using it, it will end up stopping *everywhere*, because the basic concept over their heuristic works is entirely flawed. We keep reporting this to Symantect, and they ALWAYS reply this will be fixed in the "next upgrade", but instead, they keep getting more and more bugged with every update.

You don't have to wait for your subscription to end, just uninstall it and use the FREE, and ALWAYS updated Security Essentials from Microsoft. I cannot see why would want to *pay* to use something so bugged, when there are perfectly feasible free alternatives, that are not so bugged to begin with, and don't mistakenly identify any of our products as threats to begin with, so they don't require any special configuration.
Logged

Lawgiver

  • Jr. Member
  • **
  • Posts: 52
Re: Norton Alert
« Reply #2 on: November 24, 2014, 10:51:47 pm »
Hello Umberto,

Thank you for the detailed response, I appreciate the explanation. I thought as much but wanted to make sure as the "Dreaded Heuristic" tag was something new I had not  previously experienced.  I will take a look at security essentials and possibly give that a try.  Thanks for your time Umberto.


Regards,
Rob 
Logged
Pages: [1]
« previous next »