Norton
by David Bax · in Torque Game Builder · 11/24/2010 (2:33 pm) · 11 replies
I've been sending my game to a friend to test, and he says Norton Autoprotect is flagging it as suspicious, more specifically that SONAR found it acting suspicious.
I have sent my files through virustotal.com which scans with 30+ scanners, and they're clean, as I suspected. Any ideas what's up with this? I don't want people downloading my game and thinking it's a virus.
I have sent my files through virustotal.com which scans with 30+ scanners, and they're clean, as I suspected. Any ideas what's up with this? I don't want people downloading my game and thinking it's a virus.
About the author
#2
11/24/2010 (4:28 pm)
Hey Scott, thanks for the quick reply. I'm not so worried as much about the virus as I figured it was a false positive, but I am concerned about the potential to distribute the game. My friend told me it automatically would get deleted before it was put on his system. Is there something that can be done to stop the false detection? 
#3
Any T3D project, the first time the .exe is run, Norton Sonar sees it as a threat and deletes it from the game directory. For me this isn't an issue, as you just have to go into Norton and tell it restore the file and ignore it from now on.
However, I can see this causing issues for customers. They are not going to like having sonar telling them that they've just installed a 'high risk' program, and many won't know how to restore it. Others will remain suspicious of the program, not trust it and possibly accuse us of distributing viruses (viri?).
I would be interested to know if there's any way to 'clean up' the .exe so that it doesn't trigger this response from Norton.
11/24/2010 (5:13 pm)
I've been wondering about this also.Any T3D project, the first time the .exe is run, Norton Sonar sees it as a threat and deletes it from the game directory. For me this isn't an issue, as you just have to go into Norton and tell it restore the file and ignore it from now on.
However, I can see this causing issues for customers. They are not going to like having sonar telling them that they've just installed a 'high risk' program, and many won't know how to restore it. Others will remain suspicious of the program, not trust it and possibly accuse us of distributing viruses (viri?).
I would be interested to know if there's any way to 'clean up' the .exe so that it doesn't trigger this response from Norton.
#4
(P.S.:Plural is "viruses". They were discovered in the 20th century, way past Latin's best-before date. You rarely, if ever, see a virus these days - it's all trojans ;)
11/24/2010 (6:17 pm)
The world really needs to be informed of how crap Norton products are. They've paid for it and think it's great because they paid. Uninformed mortals, pfeh! There's really no way to clean it up. Pack it with UPX, and Norton screams like a little girl because UPX has been used in one or two nasty programs back in the 90s. Encrypt it and Norton screams like a banshee because of self-modifying code. I hate Norton, in case you're wondering.(P.S.:Plural is "viruses". They were discovered in the 20th century, way past Latin's best-before date. You rarely, if ever, see a virus these days - it's all trojans ;)
#5
Amen!
11/24/2010 (7:12 pm)
Quote:The world really needs to be informed of how crap Norton products are.
Amen!
#6
I guess I can direct people to totalvirus.com to scan the file if they need to adress their concerns.
I don't suppose there's any way to "register" your program with norton or something?
11/24/2010 (9:58 pm)
Well that's a shame, I think a lot of people trust norton products. I guess all I can do when this thing is ready to go is put a note on the download page. Luckily I'm not trying to make money with this. If this was something I was relying on for income, I'd be pretty worried. I guess I can direct people to totalvirus.com to scan the file if they need to adress their concerns.
I don't suppose there's any way to "register" your program with norton or something?
#7
11/24/2010 (10:52 pm)
This has been a problem with Norton since the beginning of time. (torque time that is) All you can do is to place a warning on your download page telling people that norton will scream like a little girl when they download it. Uninstall Norton, install avg and they will be happy. (not to mention, they'll get better performance out of their computer)
#8
I just saw on the norton website that you can submit files to the symantec security response. I'll look into this more this weekend and let people know what I find. If I can submit it to them and it gets the OK then I that's fine with me.
11/25/2010 (2:45 am)
My friend told me comcast provided him with a free copy of Norton. So if comcast customers have access to a free copy that could be a significant percentage of people who won't play or can't even install the game. Has anyone out there attempted to start a dialog about this with Norton people? People who are less than computer savvy would probably steer clear from anything their anti virus flags, and even if not they might be too intimidated by the process to recover the file. I just saw on the norton website that you can submit files to the symantec security response. I'll look into this more this weekend and let people know what I find. If I can submit it to them and it gets the OK then I that's fine with me.
#9
The daftest, most braindead issue I've had with Norton so far was when its e-mail shield chose to override the delete key so that quick deletion of mail was impossible. Yes, disabling that component made it possible to press delete as bloody usual. You can't trust malware like that.
(I was not the one using it, and the money fixing the computer from damage caused by Norton in general was not worth it. The user now has Avast.)
11/25/2010 (2:41 pm)
I don't think Norton want to admit any problems. They haven't for the past 10 years.The daftest, most braindead issue I've had with Norton so far was when its e-mail shield chose to override the delete key so that quick deletion of mail was impossible. Yes, disabling that component made it possible to press delete as bloody usual. You can't trust malware like that.
(I was not the one using it, and the money fixing the computer from damage caused by Norton in general was not worth it. The user now has Avast.)
#10
Hopefully this will work when I'm done with the game.
11/25/2010 (3:03 pm)
Norton has a false positive submission form. Whether or not submitting your program to them will clear the problem up with new definition updates after they verify it's okay remains to be seen.Hopefully this will work when I'm done with the game.
#11
12/06/2010 (4:37 pm)
never had this before until today. This could be a major issue when releasing a game. Same for TGB and T3D. 
Associate Scott Burns
GG Alumni
The reason for the false alarm is because we use an open source assembler and unfortunately the same assembler has also been used by hackers in the past. So the AV programs just started flagging it regardless of its use.