• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

This forum thread needs a solution.
Kudos0

Norton Security is removing Auslogics Disk Defrag

I am running the latest Norton Security v.22.9.4.8 on Windows 10 Pro (1607), which is detecting the latest Auslogics Disk Defrag 7.1.3.0 as a "threat" and then removes it from my PC. To be sure that NS is in fact doing this, I have reinstalled Auslogics Disk Defrag multiple times, and the same sequence of events happen. I have been using both Auslogics Disk Defrag and NIS/NS for many, many years without any problems. This behavior started after the latest NS product update. Here is the sequence of events:

  1. Auslogics Disk Defrag 7.1.3.0 is installed. It runs fine for one or two days thereafter.
  2. One or two days later, I get a "Security Request" window from NS. It goes along the lines of "Your computer must restart to continue removing Security Risks."
  3. I click on "OK" to restart Windows 10.
  4. Once the restart completes, Auslogics Disk Defrag is no longer a program on my PC. (No Start shortcut; No reference of it in Control Panel > Programs and Features)

Any help is appreciated. Thanks.

Replies

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

A little bit of knowledge is... well a little bit of knowledge.
Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

I was having this exact problem with Auslogics Disk Defrag just last week.  I kept telling Norton to exclude it in the Fix Threats window but I kept getting the same thing.  It detects Auslogics as a PUA (potentially unwanted application) and it is considered a low threat.  I even added the program folder for Auslogics in the Scan Exclusions list and the Sonar / Autoprotect Exclusions list and still the same thing.  I ended up turning the setting for Low Risks to Ignore in the Settings>Antivirus>Scan and Risks and so far it has stopped bugging me about it.  This may help you as well.

Windows 10 Pro v.1703 64-Bit / IE 11 / Firefox 55.0.3 / NSBU 22.10.1.10 / NU 16.0.2.53 / Veritas System Recovery 16 SP2
Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

The culprit IS Auslogic! One of the bundled programs they bundle with their "FREE" software keeps trying to change your homepages and installing the boostspeed software (dubious value if you ask me) forces your norton software to think it is adware (which it IS) or malware that you did not ask for. Even IF you try and decline during installation for these unwanted extras they will be installed unless notrton or other VPS stops them which results in the desired software like dish defrag to be uninstalled. You need to complain to auslogic about their behavior and ask them to stop this.
Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Or, try add PUA.DiskDefragFree to the Signature Exclusions.

https://support.norton.com/sp/en/us/home/current/solutions/v54298598


File name: disk-defrag-setup.exe
Detection ratio: 14 / 60
Analysis date: 2017-06-30


>> How to report false positives


watch out for:and watch out for:YMMV

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

I would call this whole product worthless junkware and hope Norton continues to detect / remove it the same way it currently does.

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

To be clear this IS NOT a false positive. Excluding it has potential damaging consequences. This could result in security risks that hackers could exploit. If anyone feels strongly about using the disk defrag software i recommend just keeping the setup on your desktop and reinstall the software as needed. We should not reward dangerous behavior out of greed or laziness on the part of Auslogic, they know better than to pull this crap!
Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Yes it is a False Positive. Norton, AVG and probably others are deleting the executable as it is extracted from the download file. Disk Defrag as a program has been working fine for years and it is only recently the this behaviour by AV products is causing a problem. It is also a FREE program so greed is not an issue and the boost speed can be declined by doing a custom install

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Andrew As previously posted https://community.norton.com/en/forums/how-report-false-positives

Norton products are designed with the intent to block programs that throughout the community are known to present the potential to do damage to your systems. I WOULD NOT under any circumstance exclude this program for that reason. Please report it as a false positive and allow it to be further analyzed for your safety and peace of mind.

Cheers

Retired military (Navy 1980-2002) "From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Professional x 64 version 1809 / build 17763.316 / NCSP 22.16.4.15 / Norton Core v.270 on Android 1.93
Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Use the portable version of Auslogics Disk Defrag.

https://www.auslogics.com/en/software/disk-defrag/

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

rchauhan Uninstall the program you now have installed then reboot your system. Download from the link BBattles provided, get both the portable version and install the standard version on your machine. Their site states they are Norton certified under the OPSWAT program as the Norton seal is on the site.  Again if you have not already done so please report as false positive for remediation and review.

https://www.auslogics.com/en/software/disk-defrag/

https://www.opswat.com/certified

Soul

Retired military (Navy 1980-2002) "From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Professional x 64 version 1809 / build 17763.316 / NCSP 22.16.4.15 / Norton Core v.270 on Android 1.93
Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

BBattles:  Use the portable version of Auslogics Disk Defrag.

https://www.auslogics.com/en/software/disk-defrag/

File name: disk-defrag-setup.exe
Detection ratio: 12 / 63
Analysis date: 2017-07-13

FWIW ~ YMMV

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

I've been using Auslogics Disk Defrag for over a decade now, and I'm suddenly having this same problem with their newest update (7.1.4. dated June 20 2017.)  I'm assuming that the false positive, as suggested above, is based on the additional software that's piggybacked on the installer.  This is particularly vexing to have it show up as a PUA in Norton because Auslogics doesn't try to sneak any of that stuff past you the way other vendors do.  There are basically two screens which both say "hey, here's this other thing, would you like it or not?" and a check-box.

I don't mind Symantec flagging it -- rather be safe than sorry -- but what's really annoying is that, as others have said, no matter how many times you tell Norton to ignore the detection, it just keeps killing it.

Anyway -- I guess I'm not adding any insight here, I just dropped in to point out that I HAVE reported it as a potential false positive, and we'll see what happens...

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

sknoof: I don't mind Symantec flagging it -- rather be safe than sorry -- but what's really annoying is that, as others have said, no matter how many times you tell Norton to ignore the detection, it just keeps killing it.

Hello,
Curious, did you try adding PUA.DiskDefragFree to the Signature Exclusions.

https://support.norton.com/sp/en/us/home/current/solutions/v54298598

Thanks

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Adding the signature to the exclusions list got Norton to stop asking me what to do with Auslogics Disk Defrag.  I have my Low Risk setting set to Ask Me and no matter how many times I told Norton to Exclude the risk in the Threats Found window, it would keep asking me over and over during the day.  Adding the signature to the exclusions list is the only thing that worked and so far I'm happy.

Windows 10 Pro v.1703 64-Bit / IE 11 / Firefox 55.0.3 / NSBU 22.10.1.10 / NU 16.0.2.53 / Veritas System Recovery 16 SP2
Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

I did try that, yes, and it seems to "work."  I put "work" in quotes here, because I'd be a lot happier if Symantec would examine this thing and decide that there's no issue with it.  I'm always leery of excluding anything from check.  Even if it's perfectly innocent now, who knows that some miscreant won't infect a future update of any given product? ;)

For what it's worth, I did try Auslogics' free-standing "portable" exe version, as someone suggested here, and that seems to fly right through the Norton without incident.  I'd rather use the installed version, though, because it has more extensive fine-tuning options. 

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

sknoof: [..] I'd be a lot happier if Symantec would examine this thing and decide that there's no issue with it. [..]

Please review > How to report false positives

Please ask vendor to whitelist future offering >  https://submit.symantec.com/whitelist/


*Items rated as a PUP - which does not mean malware. A PUP can download and install other software that might turn out to be, indeed, malicious. However, security soft vendors do not install every piece of software and watch every single thing that the software does. That isn't how file signatures are created. If vendors had to do all that, then it would take a long time to create signatures, it would be expensive and security soft vendors would not tolerate.

*A PUP can be installed at the user's discretion. The signature detection is to bring the file to the user's attention.

*What some users consider a PUP, other users will not; what one AV company rates as a PUP, another will not.

*In general, be more vigilant and discerning. PUPs in particular usually install with your consent, and your consent can often be implied when you take shortcuts like a default installation, fail to read all the installation options presented, fail to read Terms & EULA. (*google)

FWIW ~ “AS IS" ~ YMMV


File name: ausdiskdefrag portable.exe
Detection ratio: 3 / 63
Analysis date: 2017-07-15

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Perhaps you didn't notice -- I did all that. ;)

My original comment notes that I reported the problem to Symantec, and sent them a sample as well, since it seemed no one else had done that yet in this case...or at least didn't say they did...

Anyway -- we'll wait and see what they say.  In the meantime, I can use the portable version with no issues.

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

sknoof:  Perhaps you didn't notice -- I did all that. ;)

Did the vendor agree to whitelist future offerings ? 
Thanks

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

<< Did the vendor agree to whitelist future offerings ? >>

Haven't heard back from them (or Symantec) yet.  I've notified both them and Symantec about the issue, separately, as I said.  I think I've done about all I can. :)  Just have to wait and see how it shakes out.

I'd just switch to something else, but Norton's the only consumer antivirus I ever recommend to my customers, and Auslogics Free is the only defragmenter I recommend.  I really don't like any of the others in either case.  So there you go...

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

sknoof:  I think I've done about all I can. :) 

Since, you watch out for stuff you may not want.  I think you'll be okay. 
Free-ware is what it is.
Cheers

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

In relation to submission 41472.
Upon further analysis and investigation we have determined that the software in question meets the necessary criteria to be detected as Potentially Unwanted (PUA) and will be reclassified accordingly.

A PUA is a program that users wish to be made aware of. PUAs include programs that have an impact on security, privacy, resource consumption, or are associated with other security risks. These programs can show a pattern of installation without user permission or notice on a system or be deemed to be separate and different from the application installed.

Norton Consumer users are prompted to decide whether to trust or uninstall PUA applications.

If you require support with your Symantec product, please contact our technical support department.
Norton product support: https://www.symantec.com/norton/support/index.jsp

Decisions made by Symantec are subject to change if alterations to the application are made over time or as classification criteria and/or the policy employed by Symantec changes over time to address the evolving landscape.
Sincerely,
Symantec Security Response

@sknoof

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Yes, just saw that.  Well, okay then.  It's always important to have a choice, but it's equally important to have some evidence that you've made a decent one. ;)

Thanks to everyone who contributed here, and apologies to the original poster for taking his ball and running with it. ;)

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Just a few observations regarding Disk Defragmenter: 1) I've been running it for years without any problems, except for occasionally sneaking BoostSpeed (because I wasn't paying attention); 2) They're a reputable company and a certified MS Developer, for what it's worth; 3) I have it on two Win 10 PC's, and Norton complains about it on one PC, but not the other;  4) despite multiple attempts to exclude it from detection, Norton AV finds it and removes it, so apparently Norton isn't playing by it's own rules; 5) although it's categorized as a 'Low Risk' PUA, I actually want the application, so it isn't PUA to me, and #4 above shouldn't be happening!
It would be nice if Norton would share with us why it thinks Disk Defragmenter as a PUA, and what is it doing to be classified that way, why it's handled inconsistently on my two PC's, and why is it being detected even though I have done everything possible to exclude it from NAV's scans?

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Daryl Smith:  well, if I read the reply to my false-positive inquiry correctly, it'd seem that Symantec's pending reclassification of the Auslogics software will change Norton's tactic of instant removal to one that simply alerts you about possibly-unwanted software. 

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Yes, one COULD interpret it that way, but Symantec's comments in the past have basically been "we consider it a PUA, and so we're not changing anything about how we respond to it."
In other words, they'll keep removing it. I haven't seen any evidence their tactic has changed.

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Not to split hairs, Daryl, but the e-mail posted above says they're going to change the software's status in a "pending" update.  Which means it hasn't happened yet.  I'm inclined to give 'em the benefit of the doubt and wait for it. :)

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Agreed, sknoof. I received the same email when I submitted DiskDefrag for review a couple weeks ago. I think we just have different interpretations. And, I suppose my own interpretation is biased by the fact that "excluded folders" AREN'T actually being excluded from NAV scans. I trust Norton AV, which is why I use it, but that kind of behavior really annoys me.

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Could you post your next detection and your saved exclusion?

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

For what it may be worth, I've just received my answer from Auslogics....

----------------------------------------------------------------------------------

Hello,
Thank you for your email.

I am sorry you are still experiencing the problems which have been caused by Norton antivirus.

We are staying in contact with Norton Support Team working on the issue of file deletion despite including it in the exclusion list. We are waiting for the further instructions that will come from their technicians.

As for now it would be useful for you to contact Norton Support team directly using the link: https://support.norton.com/sp/en/us/home/current/contact-chat?inid=hho_n.com_supp_contact-chat_form&OpenDocument&src=ivr_chat&type=ivr_chat

We apologize for the inconvenience and thank you for your patience!
 

Best regards,
Alexandra Pokhylko
Support Team | Auslogics Software Pty Ltd
Sydney, Australia
http://www.auslogics.com

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

If you want to post your detection log and exclusion settings (that aren't working as expected) I can take a look and make a good guess as to what is going on.

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Which security program was on your machine prior to Norton Security?

You might want to check Control Panel > Administrative Tools > Task Scheduler to see if there is a Norton entry for disk optimization/defragmenting.  If so, please remove it.

Let us know how you do.

There are a couple of settings to turn it off. Under Task Scheduling>Automatic Tasks> take off the x from Disk Optimization. Administrative Settings>Idle Time Optimizer> turn off.

When you get the popup window from Windows disk defragmenter  "Disk Defragmenter is using a customized setting created by another program" click on the "Remove Settings" button, then apply your personal settings for native Windows disk defragmenter, (they revert to default), and reboot your pc.

Did you turn off Idle Time Optimizer under Administrative Settings 

What does Disk Optimizer show in Background Tasks (not Task Scheduling)
If Disk Optimize does not show Complete > Run by click arrow left side.  Then at Complete > Reboot.  Or,

 "Remove Settings"....Norton may have called for Optimizer and was not Idle long enough. 

Or, you have some other 'Tuneup Tool' running.   Presuming Windows Defrag/Optimize is not scheduled. 

WSC = Windows Security Center

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Sparke:

Which security program was on your machine prior to Norton Security?

...

WSC = Windows Security Center

The user had problem that auslogics programs were being deleted by Norton due to having adware / junkware. I don't think this helps them disable that detection.

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Well -- I'm back, like a bad penny...

Norton was leaving my Auslogics software alone for a while.  Then, about two weeks ago, it started removing it again.  And now it's not just removing the installer, but the installed program as well.  At least once a day, sometimes twice.  But here's the thing that's so vexing about it -- each time, (after rebooting, which it forces me to do) I go in to "Resolved Security Risks," highlight the "PUA disk-defrag-free" entry, and restore it.  And each time, I make sure the check-box that says "exclude this item from future scans" IS checked.  And yet Norton keeps deleting it, over and over.  Now what does THAT mean?  Doesn't "exclude" mean "please leave me the @#%& alone now?"

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

Addendum to above:

There are two places from which you can execute a restore/exclude sequence -- from "resolved security risks" AND from "quarantine."  I've tried both, alternately and randomly.  The Norton product still keeps killing off the Auslogics program every time I restore and exclude it.

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

The Norton product scans your files and folders using multiple components, such as Auto-Protect, SONAR, or File Insight. If you exclude a file or folder that is detected by Auto-Protect, the same file or folder is detected again in the next scan by a different component like SONAR or File Insight. This occurs due to the detection of the file's signature. To resolve this, you need to exclude the signature from all scans.

https://support.norton.com/sp/en/us/home/current/solutions/v115455517

Restore & exclude this file: is not the same as adding item(s) to Exclude from Auto-Protect nor the same as Exclude from All Detections.

Report a Suspected Erroneous Detection (False Positive)
https://submit.symantec.com/false_positive/

For information regarding event > from Norton pop-up > View Details > Copy to Clipboard &or from Norton history > More Options > Copy to Clipboard > paste.

Curious, did you try adding PUA.DiskDefragFree to the Signature Exclusions.

For second opinion choose File &or Search hash at VirusTotal.

Please tell us what Norton is telling you regarding your favored tool.


Please review:

1) Restore an item from Quarantine
https://support.norton.com/sp/en/us/home/current/solutions/v6200368

2) My Norton product alerts that the file I downloaded is not safe, and deletes it
https://support.norton.com/sp/en/us/home/current/solutions/v80629965

3) My Norton product incorrectly alerts that a file is infected, or a program or website is suspicious
https://support.norton.com/sp/en/us/home/current/solutions/kb20100222230832

4) Add items to the Signature Exclusions
https://support.norton.com/sp/en/us/home/current/solutions/v54298598

5) Turn off or turn on Download Intelligence
https://support.norton.com/sp/en/us/norton-security/current/solutions/v23920640

6) My Norton product detects a file or program as a threat even after I exclude it from scan
https://support.norton.com/sp/en/us/home/current/solutions/v115455517

Kudos0

Re: Norton Security is removing Auslogics Disk Defrag

sknoof:

Addendum to above:

There are two places from which you can execute a restore/exclude sequence -- from "resolved security risks" AND from "quarantine."  I've tried both, alternately and randomly.  The Norton product still keeps killing off the Auslogics program every time I restore and exclude it.

That is a temporary ignore for restoration purposes. If you don't "resolve" the detection it may be removed again.

Resolve:
Exclude by signature
Exclude by file/folder
Successful false positive submission to Symantec/Norton
Some future update stops detecting it

If you restore before completing at least one of these it may be detected again.

This thread is closed from further comment. Please visit the forum to start a new thread.