Patch Solution - Norton High Security Threat

Technical Support
Prev 1 4 5 6 10 Next
Citah,

The steps mentioned will automatically turn Sonar back on after 15 minutes. After the patch is installed, there shouldn't be any more conflicts.

We do recommend having security on your system. Whichever security program you choose is up to you.
________________________________________________
Technical Support
Want to speak with someone directly? http://us.blizzard.com/en-us/company/about/contact.html

How's my driving? https://www.surveymk.com/s/R5D3LCF
A false positive from your security suite isn't Blizzard's problem to fix, its (in this case) Symantec's problem to fix.

I just downloaded the most recent Norton virus definitions through LiveUpdate which is a part of the Norton security suite.

wow-4.0.1.2210-enus-tools-downloader.exe still trips SONAR.
It is listed as "High risk" because the program was "behaving suspiciously".
SONAR shut it down and removed the file before it accomplished anything.

The default rule is: This behavior would indicate Virus-like activity, or unsigned software (a big no-no).

Point of clarification: This has never happened with any of the previous downloads in over 4 years of playing.

I do not feel comfortable disabling SONAR on my machine, nor should it be recommended by Blizzard to do so.
I have it for a reason: to protect my computer, and by extension, my account from unwanted / unknown intrusion. Up to this point, it has been successful.
Since I am not the type of person who goes about fixing things that are not broken, I find it highly unlikely that I will be removing / crippling an effective security measure on my machine.

Please fix this ASAP so I can play.
~Donovan
Just as a note - this happened with my AVG as well, though it's possible mine is a bit out of date. It's easy enough to bypass on AVG though, just click "Allow" when a warning comes up about Launcher.Patch.exe.
Symantec Endpoint Protection didn't seem to flag it as dangerous for me...so I doubt it is
This is not likely to be a Norton issue.

Here is my reasoning: 2 other anti-virus programs are also reporting this file as a threat (AVG and McAfee).

Other possibilities would include:
Blizzard did not properly sign the download, or did not communicate with the anti-virus manufacturers noting that this file is safe.

Another possibility: The file that Blizz signed off on is not the same file that was downloaded (i.e infected, etc). Not likely, but definitely possible ... and also the reason I have SONAR up in the first place

Edit: just noting here that I'm not trying to spread propaganda or anything foolish like that. I also do not believe that Blizz would intentionally load viruses on our machines, but compromised files do happen in the real world. That's why we have anti-virus software.
Why did Blizzard fail to sign the file in the first place? This is not a Norton problem, this is a Blizzard Dev/CM issue. Customers should NEVER have to disable security software to install an unsigned patch. Shame on you Blizz.
Donovan, Azmodeus....

I take it you two didn't google what a false positive is?

So many people in this thread have no clue.
It works fine so far.
I don't like the idea either... I do everything by the book, have an authenticator and everything now Blizzard wants me to work around my anti-virus? Will not be long and the hackers are going to have a field day since they know everyone's anti-virus will be disabled albeit temporarily. I hope their is a real fix in the works and not just a band aid.
03/15/2011 1:29 PMPosted by Vangreth
You don't even have to turn it off for X mins. When the pop up appears click view more details, then options. And then you'll have the ability to exclude that file from scans. Which is basically telling SONAR that it is safe, until the community catches up.


Sonar uses the community as part of the way for it to detect it is safe. If you turn it off to install you are not helping the community and everyone else will continue to get the alert. Sonar only 5 had approved it last I looked. /sigh

When the message pops up click on the options link and restore file telling it to ignore that risk (file). Then close and restart the wow client.


You might have confused my post with someone elses. I was not saying to turn off SONAR. But to un-quarantine the tools patch. And, if you want, to exclude it from future scans. This allows the tools patch to install correctly, and for norton to not take any action from that file. This method also allows one to keep SONAR turned on instead of turning it off for 15 mins.

Since it takes a while for the SONAR community to catch up for a new file, and you want to play now instead of hours or even days from now, you can "mark it as safe and ignore" so you can continue. You still submit to the SONAR network either way.
@ Heirophant

I didn't need to google it, I'm a comp tech from way back in the day. I know what a false positive is.
Norton is garbage simply get a real anti virus solution and you would not have to be having these headaches and false positives and you would still be protected with out having bloatware installed on your computer :)

Check out malwarebytes and you'll never look back
This is not likely to be a Norton issue.

03/15/2011 2:10 PMPosted by Donovan
I know what a false positive is.



Well...obviously not, or you wouldn't have suggested it's "likely not a Norton issue".



And to all the non-techie's who are saying Norton is garbage without having a real clue what you're talking about...

ALL AV software has false positives, AND Symantec (Norton) actually has a smaller false positive detection rate than Avast. Don't believe me. Google it.
03/15/2011 1:05 PMPosted by Vangon
Optional fix-it steps: Uninstall Norton, download Avast! or Microsoft Security Essentials as free and better alternatives. Speaking as a computer and security expert, I would never recommend Norton.


Statements like this prove you know nothing about Security. Norton has consistently ranked in the top of AV-Comparatives results over the years. Ranking Gold in Whole Product Dynamic Protection, just being beat out by F-secure for the Overall Product of the Year. Go figure it would beat out both Microsoft SE and Avast! While I don't knock either of these programs because in terms of Free Virus they are the two best available options, but don't knock something when you clearly know nothing about it.
I stopped using AVG when version 7 decided it would be an awesome idea to change my boot files to a different file extension, causing all sorts of issues with my computer.

Never had an issue with Norton, ever...nor have I ever had a virus or trojan on any computer I have owned that has had Norton on it.

Then again, as a computer expert myself (aren't we all?), I know when I see a spoof, hack, etc.
@ heirophant

When I re-read your posts I realize that you are missing the issue that I have with the recommendation made by Blizz.

I recommend that you re-read them yourself. In doing so, you may realize that blindly following directions that have a potential to injure your system will help no one.
Thanks;}

Join the Conversation

Return to Forum