PDA

View Full Version : Norton



NewsArchive
01-07-2011, 02:37 AM
Friedrich,

I got a report from a remote tester of mine that Norton flagged the install as
suspect. I informed them it's a false positive and the install proceeded fine.
Odd that it did not flag the web update as suspect!

Have you any other reports about Norton giving false positives?

--
Russell B. Eggen
www.radfusion.com
Clarion developers: www.radfusion.com/devs.htm

NewsArchive
01-07-2011, 02:37 AM
Hi Russ,

> I got a report from a remote tester of mine that Norton flagged the
> install as suspect. I informed them it's a false positive and the
> install proceeded fine. Odd that it did not flag the web update as
> suspect!
>
> Have you any other reports about Norton giving false positives?

No, I do not have any other reports. I think your install has a specific
sequence of bytes that triggers the Norton warning. The recommended way to
fix this is to contact Norton and report the false-positive for your
setup.exe.

And SetupBuilder 7.3 Build 3162 introduced a new important feature. By
default, the compiler updates the setup executable's PE header TimeDateStamp
value. This is the setup file creation time (rel. to 00:00 on 1 January
1970 in Greenwich, England). Signature-based antivirus systems attempt to
find viral code by looking for characteristic byte sequences in the
executable.

Sometimes a simple recompile can already fix this now (because the updated
TimeDateStamp creates more individual PE Portable Executables).

But a report to the virus vendor is still #1.

Friedrich