Norton blocks a file claiming it to be risky

I’ve been trying to download a file that I know is clean yet Norton Blocks it automatically - it is an exe file and I believe Norton SS 2010 is blocking it based on its name alone - how can I tell Norton SS 2010 to let it pass?

If you are completely and absolutely sure that the file is safe, then you can follow the instructions in Yogesh's post below to install the file in spite of NIS's warnings - but remember that this is your decision:

http://community.norton.com/norton/board/message?board.id=nis_feedback&message.id=35602#M35602

 

Also, submit the file, if you think it is a false positive, to Symantec via this link:

https://submit.symantec.com/dispute/false_positive/


Finally, if NIS has labelled the file as a low-risk item, you can go to Quarantine and restore the file. When restoring the file, you will be given the option to exclude it from future scans.

Message Edited by Yaso_Kuuhl on 12-11-2009 02:37 PM

Hi Yaso:

 

The first forum link that you had posted above, has to do with NIS 2009.

 

Is the procedure the exactly same for NIS 2010? Any SONAR concerns?

 

Thanks.

 

If the user believes that it is being blocked because of its name only, that would indicate that adding the file to auto-protect and scan exclusions should be successful.  It could also be that the user is aware of the nature of the file and why an antivirus would disapprove of it. 

 

If Sonar objects to it the user should perhaps give downloading it more thought.  We have several TDL3 infections at the moment for the same type of decision on the part of the users.

"Norton SS 2010 is blocking it based on its name alone"

 

Norton does not detect files based on it's name,   otherwise  if I type a document out about rootkits, I name it "Rootkit..." Norton would delete it.

 

So Nope, something in the file Norton detects and doesn't like.

 

Quads 


Plankton wrote:

Hi Yaso:

 

The first forum link that you had posted above, has to do with NIS 2009.

 

Is the procedure the exactly same for NIS 2010? Any SONAR concerns?

 

Thanks.

 


Hi Plankton:

 

I am aware of this - the procedure should work for NIS 2010 as well. 

I must admit that this is proving to be a major annoyance - but thanks for the work arround - I've tested some of these files with other virus scans and they can find nothing - 2010 only believes them to be suspicious - I've run them on an old computer here and they are as clean as a whistle - you'd think they would give you a yes/no action option.

 

It keeps happening - is there any wasy to configure 2010 to ignore or at least alter with a manual option any of these so called 'Suspiscious' detections?

This has proved to be too frustrating - reluctantly I’ve turned off SONAR and scan more regularly. No problems so far.

That is definitely not the right thing to do. If it gets detected by Norton , most likely it is a real threat.

 

Symantec products rarely produce false positive alarms . Additionally,they are very fast at fixing false alarms.

 

Re-enable all protections including SONAR to ensure your computer is well-protected.Without SONAR with just definitions your computer is not well protected .Finally , submit to Symantec for analysis here or here

I've submitted to Nortons and they were very helpful but, the thing keeps removing legitimate files and to return them via history often is not successful.

 

I've run these suspiscious files through other security programmes and they can't find any problems with them. If SONAR didn't automatically remove them but, prompted you for a manual decision it wouldn't be so bad.

 

I like 2010, I think it is a good and reliable application excepting for this frustration.

 

Thanks :)