So I was just browsing throught my Notron Security History and I found out that there where this two messages about IPS Detection Statistical Submission, I don't know if it is a virus or something that norton does. This messages comes from two different wesbites from different days. Please Help!
The Norton Intrusion Prevention System uses signatures to detect and block exploits that leverage vulnerabilities in software programs to install malware. When a new exploit is discovered a signature is created and distributed as quickly as possible in order to provide immediate protection. After this initial signature is released refinements are made to make a new signature that is smaller and more efficient. Since this increases the likelihood of false positives the revised definition is first released as a test signature. The goal is to eventually replace or update the initial signature with the improved version once testing is completed. When one of these test signatures gets a hit it is reported back to Symantec as an IPS Detection Statistical Submission. In your case it is a false positive because an encounter with the actual exploit would also have been detected by the original IPS signature that is still in place and you would have been alerted that the attack had been blocked.
Reese Anschultz provides a couple of good explanations, which I have paraphrased here, in the following thread:
does it matter if both of them say submitted also I have another one but this one says that it cannot send the information to Norton Feedback and its going to try again.
So I was just browsing throught my Notron Security History and I found out that there where this two messages about IPS Detection Statistical Submission, I don't know if it is a virus or something that norton does. This messages comes from two different wesbites from different days. Please Help!
does it matter if both of them say submitted also I have another one but this one says that it cannot send the information to Norton Feedback and its going to try again.
No. Each time the test signature is triggered a submission will be sent to Symantec. Eventually the signature will be fine-tuned to avoid the false positives and always block the real thing, based on what is learned from these reports. It is normal for submissions to sometimes fail, in which case the data will be held until it can be resent.