• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs

Not what you are looking for? Ask the experts!

This forum thread needs a solution.

False Positives

Hi Forum members,

I am new to this (all) Forums, hopefully this question is in the right place, although there might be several questions contained in it.

Can anyone help me.

I have recently been on holiday so my computer was not in use for a month. When I returned several of my programs required updates (System Mechanic, Norton, Chrome). Since doing these updates my Chrome Browser has been very slow at loading pages and I have been receiving a large number of security warnings from Norton of bit4d, bita9.tmp files/ Suspicious Cloud threats. Looking at the file name of these file they looks suspicious (are very long, see attached pdf)  but as they included the words chrome_updater I am wondering if these are what is causing the pages to be so slow at loading, Is my Chome infected. Or is it because these files have been quarantined that it is not working correctly?

I have looked up the "False positive" section on the forum and started filling in the reporting page till I got to the section where it asked for me to upload the source file (?) what source file? (Chrome? or the infected file) . I cannot find the infected file in Quarantine (Cannot even find the "Quarantine" files on my computer.)

Should I use the Norton Power eraser to see if it clears the problem My browser is not being hijack to any unnamed sites it is just very slow at loading or I get the Goggle message that it failed to load ("Kill page")

Any suggestions

File Attachment: 



Re: False Positives


Re: False Positives

Thanks bjm_.

1. Looks like I am not the only person who has had this problem. Maybe it would have saved a lot of angst if Norton has made the problem more widely known?

2. As I said I am new to "forums" what do you mean when you say refer to "pinned" topics.

3. I have just finished downloading the Intelligent Updater..talk about a "bloat" file 450mB !!! that is 1/6th of my monthly data allowance (satellite service) and took 3.5 hours am now a bit worried as to how big the actual updates will be. Maybe I will have to wait until next month to try this solution.

4. Looking at the solution instructions I think now that this is the file required in the  Reporting false positives request form. But where are these file actually stored on my computer? File/folder? I cannot find a "quarantine" folder in Norton? It must be here somewhere if the file can be restored.

5. One of my original questions was does this file (see original screen shot) look like a false positive or a virus?

6. How do you tell a false positive? Is the only way if you notice that if an existing program suddenly does not work after an update?

Thanks in advance for any further advice you can give.



Re: False Positives

2. As I said I am new to "forums" what do you mean when you say refer to "pinned" topics.

1) Go here <link> and look for stick pins and a lock on the left side of the top few Topics.  
2) All I can tell from your image is that item is a tmp file.
3) See your image you'll find > Copy to Clipboard and Restore and Options and More Info.
When you Copy to Clipboard and paste to Notepad.  You'll find details on detection.  eg: hash that you can search on Virus Total. https://www.virustotal.com/en/
4) A false positive simply means a believed to be at the time true malware conviction that later is exonerated as not malware.
5) Please see the Norton Support article : I see a detection for Suspicious.Cloud.x after I update my Norton product  -----
Restoring an item from the Quarantine
6) The Intelligent Updater pulls latest defs and hopefully latest defs will not wrongly convict. 
7) How to report false positives


Re: False Positives

Hi again bjm,

I have been away from the computer for a few days. 

I followed the instructions in the Norton support article on this issue, update and reinstated the last suspicious file found. With some hesitation, as your reply did not really explain how one can identify a false from a positive file.

Anyway it does not seem to have resolved the problem of my web pages loading (or failing to load) slowly.

But again today I have had another file identified by Norton as a suspicious cloud (bit7b.tmp) do i have to reinstate these files every time one is identified as "Suspicious Cloud"?

Looking back at my Security History I have had a lot of files quarantined as suspicious cloud with slightly different names ie bit75.tmp, bit4b.tmp, bit130.tmp etc.

Would you recommend that ALL of these file be reinstated?

I would like to hear from other forum members who has or is experiencing this problem.

This thread is closed from further comment. Please visit the forum to start a new thread.