I have had the situation recently where a false report against a legitimate Windows driver update program called Driver Easy has now created a Norton Threat Response called PUA.Drivereasy that goes through and uninstalls the program automatically - without even asking. Not only is this "Threat" wrong - the very existence of this threat and then the response is just plain wrong.
The Norton description of this useful subscription program that helps find and update Windows drivers when requested to do so is wrong. User request a scan. It doesn't install by itself - you need to install the trial DriverEasy_setup.exe executable after downloading it from their website.
The official "Threat description states - "The application scans the computer for missing and outdated drivers and displays misleading information about how the issues affect the computer's performance. It then shows a GUI of an unregistered program - with partial scan results and then states: " The application then asks the user to pay in order to fix the listed issues."
Note This is a subscription program that users can choose to purchase after they trial it. An unregistered program in trial mode will allow users to download drivers, once trial ends you need to have a subscription to gain access to the various Windows drivers.
Not only does whoever reported this program misrepresented what this program does - their further description is malicious and completely unjustified. As a long time user of this program - it is especially useful in assisting with finding the correct Windows drivers after a new Windows installation. While some of their drivers may turn out to not be able to be updated to a more current version - the majority of their choices are correct. As a subscription program I choose whether to extend its subscription or not. This is not an area that NIS should be interfering with.
PUA.drivereasy is not a valid "threat". It should also not be uninstalled by NIS. It should not even exist within NIS.
Further, Norton's Virus and Threat Reporting programs should not have categorized these programs as Threats and nor should the Threat Response have been created either on the basis of a malicious report against Driver Easy.
There are also a number of other similar malicious "Threat Reports" against similar Windows driver installation assistance programs that should also not exist. PUA.DriverAssist is a further example of wrongly classifying helpful application programs that a user has voluntarily installed and paid a subscription for - only for Norton to go and potentially also classify these as a threat requiring automatic uninstallation.
Norton needs to go and reexamine the entire PUA. area as it appears a series of a false reports against most of the Windows driver installation assistance programs have been submitted to Norton and then subsequently Norton deeming them "threats" to be removed now make Norton Internet Security itself as a program partly dangerous to continue to use.
As it stands the credibility of NIS to accurately detect REAL threats is also somewhat at stake as the apparent automatic acceptance by Norton of what are clearly false "threat" reports with an almost mindless response to then automatically accept that report without a proper check of its validity and then just uninstall that so-called threat - without the entire Report first being validated by a relevant Norton Subject Matter Expert. is wrong. How can NIS be trusted when what are valid application programs are classified as threats to be removed - seemingly at the behest of malicious false reports that have just been blindly accepted ?
Norton needs to stop and re-evaluate all of these so-called PUA "threats" to see how many are valid Windows programs that have been misreported and then required automatic removal when in the first instance they were manually installed voluntarily by a user and can be manually uninstalled if no longer required.
I need to now search back through Norton Quarantine logs to see how many of my paid-for Windows shareware applications have been wrongly uninstalled by NIS due to this malicious false reporting.
And if the PUA classification area has been corrupted by false reports - how many other similar type false reports have also been accepted so easily ?