Can anyone please tell me what a "statistical submission" in my scan history is? I have NIS 2009 and had a "Statstical Submission: suspicious.s.vundo.2" listed as "info" and "submitted". I've been trying to figure out what this means--it does not seem to be a threat, just information transmitted to Norton--but I can't confirm or find out what a "statistical submission" is.
LK
During a scan, if Norton finds something that is similar or has some characteristics of a threat, it will submit the information to Symantec. Norton does not recognize it as an actual threat or it would quarantine it. It is just a checkup. These kinds of submissions probably help to cut down on false positives.
That is something like I suspected, but it’s nice to hear it. Thank you!
This type of information helps Norton fine tune the rules / definitions for the actual virus. You have a file that maybe almost matches but is clean, so NIS / NAV sends this information to Symantec / Norton to help further defend you by eliminating False Positives.
Thank you. I am relieved. I had a virus several weeks ago and I'm still skittish when it comes to my computer security. It is good to know this is nothing to worry about, particularly since I have been ultra cautious about safety.
LK
LKBeagleluvr, it looks like others have satisfactorially answered your question but you may also wish to look at the thread about IPS detection- statistacal submission.
</P><P> </P>
Thank you, Reese. I reviewed the thread and feel even more secure than I did before. I think someone on that thread suggested not reviewing the scan history.... I think I will take that advice. As long as NIS is active, scanning and not issuing alerts, I will just let it do it's job. In addition, when I had the virus a few weeks ago, which was cleaned by Norton personnel, I was provided with some important safety tips, including the wonderful safeweb.norton.com site, which I use (it's also helpful that when I Google something the Norton rating appears). If I start to have problems or start receiving alerts or weird popups despite my blocker, I will take action.
In your opinion, is that a good course of action?
LK
reese_anschultz wrote:LKBeagleluvr, it looks like others have satisfactorially answered your question but you may also wish to look at the thread about IPS detection- statistacal submission.
Good link.
And would someone at Symantec hire an editor who can spell. I mean, the company is so big and so well known. How can it put a word like "statistacal" in front of the public on its own site without making everyone greatly embarrassed?
If nothing else, use your own spell checkers. Even they found the error. 
mijcar, regarding the spelling error, look at the last few messages of the thread. The OP mistyped the message. I was tempted to correct the misspelling when posting the link, but that would break the ability to search for the topic rather than clicking on the link.
reese_anschultz wrote:
mijcar, regarding the spelling error, look at the last few messages of the thread. The OP mistyped the message. I was tempted to correct the misspelling when posting the link, but that would break the ability to search for the topic rather than clicking on the link.
Reese, that was not a correction of you, or of any of the posters here. The job here is to get information out as fast as we can. That means typos are inevitable. And, as you explained, correcting typos can actual break links.
And, heaven knows, my own collection of misspellings and bad grammar from things written on the fly would be enough to create a very heavy textbook.
My comment was only about the original source. Symantec's supposedly "finished product" on its official site has way too many typos. That is where an editor is needed. A good product should have a presentation that matches the product in quality. In the present case, what does it say about Symantec that its own statisticians do not know how to spell the word "statistical"?
Statistacal?!
Auuggh!
mijcar, we’ve taken this off topic, but the referenced message is spelled correctly in the product, just not by the person posting it. If there’s a product problem here, it’s that a user can’t readily copy a message from the logs and paste them into a document.