Jump to content

You're browsing the 2004-2023 VATSIM Forums archive. All content is preserved in a read-only fashion.
For the latest forum posts, please visit https://forum.vatsim.net.

Need to find something? Use the Google search below.

Norton False Positive on vATIS?


Jeremy Valentine 1326740
 Share

Recommended Posts

Jeremy Valentine 1326740
Posted
Posted

Hello - Following a recent PC Format, I was attempting to download and re-install vATIS and the install file was flagged by Norton360 for containing a Trojan. Anyone else have this issue or can shed some light on the topic? Thanks!

 

N6kbTCZ.png

Link to comment
Share on other sites

Kyle Ramsey 810181
Posted
Posted

Where did you download it from?

Kyle Ramsey

 

0

Link to comment
Share on other sites

Bradley Grafelman
Posted
Posted

Confirms Symantec is one of the 'numerous' that Justin mentioned here recently:

 

The installer system I use (NSIS) has been known to have false positives reported from numerous anti-virus softwares.

 

The "heuristic" is the main part to note in that screenshot. Basically, it means "This file doesn't match any known malware, but it looks like it could do something I don't like, therefore I'm blocking it" in AV-speak. Best thing would be for Symantec users to submit the installer as an example of a false positive:

 

Please submit files that are detected as Heur.AdvML.C to Symantec Security Response so that these new risks or variants can be identified and [Mod - Happy Thoughts]igned specific names.

(Source)

 

EDIT: Strange; the VirusTotal results don't show anything for Symantec. Perhaps try forcing Norton to update now?

Link to comment
Share on other sites

Jeremy Valentine 1326740
Posted
Posted

Thanks for the quick replies everyone!

 

Where did you download it from?

 

Downloaded from the main vATIS site, https://radarcontact.me/

 

Brad - I've submitted a false positive report. Definitions shouldn't be an issue as this is following a fresh format, install, and update of Norton360.

 

I figured this was the case, but wanted to get a message out just in case something may have gone awry.

 

Thanks again!

Link to comment
Share on other sites

Bradley Grafelman
Posted
Posted
Definitions shouldn't be an issue as this is following a fresh format, install, and update of Norton360.

Thought I'd throw it out there anyway, especially given how much time may have elapsed (~24 hours doesn't seem like a lot, but it can be "enough" with AV-related stuff). Definition updates at least every 24 hours seems to be typical, and it seems Symantec has released two so far today (1/3/2017).

Link to comment
Share on other sites

Jeremy Valentine 1326740
Posted
Posted

Response from Symantec. Hopefully this will resolve future false positives.

 

In relation to submission 13995.

 

Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:

 

File name: vATIS-Setup-2.0.6206.30700.exe

MD5: 69a10479899b3510afb125fc4b184eaf

SHA256: f9c63f9dac0507062b7bf9035986669c9fe76aa506f670c4de056e15f7396cce

Note: Whitelisting may take up to 24 hours to take effect via Live Update

Link to comment
Share on other sites

 Share