Jump to content
WnSoft Forums

Recommended Posts

Posted

I notified Igor by email a few minutes ago.....

Norton Antivirus issue with false positive....

Version 17-1.0.19 - latest download update returning false positive with PTE files tonight. I have a friend in California (US Government employee) just installed and downloaded latest NAV update from Symantic site. SONAR returns false positive. Says "File Insight" "A Program is behaving suspiciously on your computer" then identifies the PTE file and prevents running the exe file.

I thought the problem was corrected after reading the latest post in the thread, but it's not corrected......

More on this: I just looked at the Symantic site and discovered that they must be having problems with the SONAR module. They have an "exclude" "hotfix" which tells me that there are probably many other files which SONAR finds false positives with otherwise they would not have this - see link below:

http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20090903182949EN&pvid=nav_2010&selected_nav=6

Lin

Posted

Thanks, Lin!

I regrettably don't have Norton antivirus on my PC (I use NOD32 at home and Avast at work), VirtusTotal online service has old update which doesn't indicate this false positive.

Please could you ask your friend what exact version of PicturesToExe was used to create that executable?

Posted

Thanks, Lin!

I regrettably don't have Norton antivirus on my PC (I use NOD32 at home and Avast at work), VirtusTotal online service has old update which doesn't indicate this false positive.

Please could you ask your friend what exact version of PicturesToExe was used to create that executable?

From Jean and Peter

I had this problem with Norton Internet Security 2010. I was using Deluxe version 6 ptexe My exe file had the error messgae stated by previous member and it removed the file completely. I went into Norton Quarantine and reinstated it and all is fine now.

I h0pe this helps

Jean

Posted

Hi Igor,

It was the latest PTE version - one of my zipped executables. I had him try several and it deleted them. It didn't delete the zip file, but removed the exe when it was unzipped.

I also tried VirusTotal and no problems with any, but as you say, they have an older version of NAV. My friend has never had problems before, but this latest version of NAV 2010 with SONAR seems to be problematic.

Best regards,

Lin

Thanks, Lin!

I regrettably don't have Norton antivirus on my PC (I use NOD32 at home and Avast at work), VirtusTotal online service has old update which doesn't indicate this false positive.

Please could you ask your friend what exact version of PicturesToExe was used to create that executable?

Posted

This thread sounds suspiciously like the problems some of us were reporting a week or so ago here

http://www.picturestoexe.com/forums/index.php?showtopic=11061&st=20

As I noted at the bottom of that thread, when I returned from a trip a few days ago, I found the false-positive problem has somehow cleared up on my system, for whatever reason :blink: .

Thought I should mention I'm still running NAV 2005, so it isn't just NAV 2010 that returns false positives on PTE shows ...

My wife's Norton Internet Security v. 17 nuked a PTE screensaver I created for us, about a week ago; we've both been using that screensaver for about a year and a half, and NIS never bothered with it until a week ago. Haven't tried re-installing it on her system yet, my NAV 2005 doesn't seem to mind it though. Go figure. :ph34r:

Posted

Hi Ed,

I read that thread and had "hoped" that perhaps they had corrected the issue, but after going to the Symantic site and looking around, I saw enough to convince me that they have issues with the Sonar module because they have an "exclude" feature which prevents Sonar from diddling with files you ask it not to. They also have a "patch" fix for that feature misbehaving. This is one way of a sort of "crippled fix" for the problem when the executable or other file is an application, but when the file is the construct of an application, such as our slideshows, this is not even remotely a solution. One would have to "exclude" every single executable created for it to work.

They have elected to err on the side of caution, but apparently rather than fix their own software's faulty detection algorithm, they have created a work-around with this:

http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20090903182949EN&pvid=nav_2010&selected_nav=6

It's not a solution for us so they need to come up with a better way.

Best regards,

Lin

Posted

Hi Ed,

I read that thread and had "hoped" that perhaps they had corrected the issue, but after going to the Symantic site and looking around, I saw enough to convince me that they have issues with the Sonar module because they have an "exclude" feature which prevents Sonar from diddling with files you ask it not to. They also have a "patch" fix for that feature misbehaving. This is one way of a sort of "crippled fix" for the problem when the executable or other file is an application, but when the file is the construct of an application, such as our slideshows, this is not even remotely a solution. One would have to "exclude" every single executable created for it to work.

They have elected to err on the side of caution, but apparently rather than fix their own software's faulty detection algorithm, they have created a work-around with this:

http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20090903182949EN&pvid=nav_2010&selected_nav=6

It's not a solution for us so they need to come up with a better way.

Best regards,

Lin

Thanks for the very quick reply Lin. I agree; whatever the heck they're doing, they need to fix their anti-virus software PDQ or some of us are going to start looking seriously for some alternatives. No one needs this grief.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...