Ich arbeite mit dBase 10.2.2.0 und Windows 10. Seit kurzem wird eine mit dem dBase-Kompiler erstellte EXE-Datei von Norton security gelöscht. Es erscheint ein Hiweis auf den Virus "Heur.AdvML.B" . Ich kann mir nicht vorstellen, wie der Virus diese EXE kontaminieren soll.
Wie kann ich diese Löschungen verhindern?
Danke
Silvio
.
[Hinweis: diese Frage wurde urspruenglich geposted im Board Norton Internet Security | Norton Antivirus | Norton 360 und wurde hierher verschoben um Produkt-uebergreifend zu informieren. 2016-11-03BS]
Well that did not help as much as I thought. The only items I have in quarantine show where they were downloaded from. From this Origin tab, click on the Options link at the bottom right and see if there is an option to report the file to Norton. I cannot remember if that is there and my Quarantine items do not have the options link.
Your previous image shows the file is in QTUpdate\msi.dll. Do you have an app with QT in the name? Maybe QT Creator? if so, this sounds like an update that may be triggering the Norton detection.
Please tell us what Norton is telling you regarding this event.
For information regarding event > from Norton pop-up > View Details > Copy to Clipboard &or from Norton history > More Options > Copy to Clipboard > paste.
For second opinion choose File &/or Search hash at VirusTotal
Heur.AdvML.B is not the file name. It is the suspected malware name that is being detected in a file being scanned. Look in Norton History to get the file name. Open the classic 360 interface by clicking on Open beside Device Security in the My Norton interface. Then double click on the Security pillar, then click on History. From the drop down list at the left, click on Quarantine. Click on one of the listings for this detection and then click on More Options at the bottom right. From there click the Activity tab and it will list the file path to the detected file. Post that file name here and we can help determine if it is something that can be trusted.
In naja's Link betrifft Dich der Abschnitt "False-Positive":
Melden von Falschmeldungen
Senden von Dateien, die als Falschmeldung angesehen werden: Senden Sie falsch erkannte Dateien über die Seite "Report a Suspected Erroneous Detection (False Positive)" (Melden einer vermuteten Falschmeldung).
<p>Weitere Informationen finden Sie unter <a href="https://support.norton.com/sp/de/de/home/current/solutions/kb20100222230832EN_EndUserProfile_de_de" title="">Das Norton-Produkt meldet fälschlicherweise, dass eine Datei infiziert oder ein Programm oder eine Website verdächtig sei (Falschmeldung)</a>.</p>
</li>
Norton Security identified & removed two instances of Heur.AdvML.B from our network. In both instances, the infected file was a Norton Antivirus setup file from 2004 that was downloaded directly from norton.com. Is this a false positive or a real virus?
Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:
Filename: razoapi8.dll
MD5: B480EB15863635BBBAEE4C17DE8B2117
SHA256: 2080408B68634716424417F946B32FFF3563BE654B1C1D2FD0DFDEFC6D6C5372
Result: Whitelisting for above file is taking effect from now on.
