Hi  Welcome to Norton community!

sorry you had this problem!

Please submit in any of the following links

https://submit.symantec.com/whitelist/

https://submit.symantec.com/false_positive/insight/

https://submit.symantec.com/false_positive/

it will take sometime to analyse so till then

Restore the item from quarantine and tick mark the exclude option!!

Hi,

we have submitted it more times already (also today, that was the third time).

The problem is, that the program makes automated updates, and it seems, the new updated exe is not protected from false detection. It seems that filling these forms does not solve the problem.

If the program is on the white list (which is the case already according to the answer of STAR), could it be upgraded without new false detection?

Regards,

Ian

I`m sorry but I think you should wait till someone from syamntec team show up sorry!! for inconvenience

But be patient

Hi, Ian..

Sorry to hear that Sonar is FPing on your Application.  Can you tell me what the Application is? You can PM me, if needed.

Applications that get whitelisted should no longer get detected.   We need to examine the program getting the update, as well as the update package that is being applied on the system.

NIS is designed to detect different types of applications and react accordingly..  If it is unknown, then our SONAR heuristic engine kicks in and examines the application before making any sort of conviction.    So we need to look at the downloaded package, as well as the program doing the downloading and determine why the conviction is occuring.  The more info on it, the better it will help us improve our detection accuracy.

Scott Dang

SQA Manager, Symantec Corporation

Behavioral Analysis and System Heuristics

Hi Scott,

the application is AChat, we have reported the problem 3 times already. We have received the answer, that the false detection will be eliminated. It seems to be true with the existing product, but as soon as we try an upgrade the the exe file, Sonar will delete it immediately again.

As we make 2 upgrades every week to have satisfied customers, Norton Antivirus makes our life impossible, we can recommend to the customers only to switch off Sonar, as it is definitely a false detection, it was admitted by Symantec too. We run 7 antivirus softwares on our computers (should I list all of them?), and only Sonar makes this false detection at the moment.

We don't know what will be examined by Sonar, so we cannot modify our program to avoid false detection.

We can provide all information you need, we have done it already also via E-mail, when Symantec Security Response asked for it, without result till now.

Waiting for further help to avoid false detection.

Regards,

Ian

Hi Barrett,

the required info was sent, please check it.

Regards,

Ian

Still nothing...

Could you please tell us how could we avoid this false detection made of Norton Antivirus 2011? We have provided all required information and can answer all questions you have.

Please Answer!

Regards,

Ian

I'm not an employee but it sounds like you handed them a problem for which they had no instant answer

Please give them some more to find an answer and test it. I know a week can seem like a VERY long time but good work takes time

The team will respond just as soon as they are sure they have an answer you can depend on