Support Forum

Registration is not required to ask a question. If you're a Pro Club member, please use our Priority Support page for a faster response.

Norton Security Suite Detection of JavaRa as Suspicious

Home Forums Product Support JavaRa Support Norton Security Suite Detection of JavaRa as Suspicious

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #9533 Reply
    Anonymous
    Inactive

    I have been using JavaRa for a couple of years now, and tried to use it as a test case for inclusion in my blog to help people having problems with Java on http://www.Pogo.com.  The problem being I can’t really include a link to the file if my antivirus is detecting “suspicious activity” when i click on the executable within the zipfile of the stable version.  It says it detects SONAR.heuristic.112 trojan activity, whatever that means. The actual zipfile as a whole scans clean.  I have submitted it to Symantec as a possible false positive, and hopefully will have a response soon, but I thought you all should know right away in case something was up with the file.  I’ve had very good luck with using it in the past to get Java back and working (although often I’ve had to install an old Java 6 version and disable updating to get it to function at Pogo, anybody has advice on this, let me know) so I hope it’s just a false positive and nothing more.  Thanks 🙂

     

    Norton Security Suite, ver 21.1.0.18

    Win7, using WinRAR and clicking on executable within.  JavaRa program window pops up, and simultaneously Norton detection window pops up.

     

    #9535 Reply
    Shane Gowland
    Keymaster

    False positives with JavaRa are a pretty common problem, because of the aggressive way it removes thousands of registry keys and files.

    I’ll submit a report to Norton too. Nothing else we can really do until someone there gets around to whitelisting it.

    #9536 Reply
    Anonymous
    Inactive

    I received an email from Symantec, they are removing the file from detections and suggest that developers join their “whitelisting” program, whatever that is.  Herein is included the text of the email:

    From: falsepositives@symantec.com
    To:address removed
    Sent: 1/21/2014 11:58:02 P.M. Mountain Standard Time
    Subj: [No Reply] False Positive Submission [3415863]
    In relation to submission [3415863].

    Upon further analysis and investigation we have verified your submission and as such this detection will be removed from our products.

    The updated detection will be distributed in the next set of virus definitions, available via LiveUpdate or from our website at http://securityresponse.symantec.com/avcenter/defs.download.html

    Decisions made by Symantec are subject to change if alterations to the Software are made over time or as classification criteria and/or the policy employed by Symantec changes over time to address the evolving landscape.

    If you are a software vendor, why not take part in our whitelisting program?
    To participate in this program, please complete the following form: https://submit.symantec.com/whitelist

    Sincerely,
    Symantec Security Response
    http://securityresponse.symantec.com
    Hope I’ve done my good deed for the day in getting JavaRa removed from their detections or whatever LOL….

    Thanks for all you do!

    the24frans

     

Viewing 3 posts - 1 through 3 (of 3 total)
Reply To: Reply #9535 in Norton Security Suite Detection of JavaRa as Suspicious
Your information: