Norton detect high risk

6 posts / 0 new
Last post
Tammam
Tammam's picture
Norton detect high risk

Norton detect high risk in alfareaderinternal.exe
as below:

Filename: alfareaderinternal.exe
Threat name: Heur.AdvML.BFull Path: d:\program files\alfa.netsoft\alfa ebooks manager\alfareaderinternal.exe

____________________________

____________________________

On computers as of 
7/14/2017 at 12:01:03 AM

Last Used 
7/14/2017 at 12:03:03 AM

Startup Item 
No

Launched 
No

Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.

____________________________

alfareaderinternal.exe Threat name: Heur.AdvML.B
Locate

Few Users
Fewer than 50 users in the Norton Community have used this file.

Mature
This file was released 8 months ago.

High
This file risk is high.

____________________________

Source: External Media

Source File:
alfareaderinternal.exe

____________________________

File Actions

File: d:\program files\alfa.netsoft\alfa ebooks manager\ alfareaderinternal.exe Removed
____________________________

File Thumbprint - SHA:
888e159cd8f4df9873565f2a16e91d8fa12a9bbcb80e02beabb4a5729366da6e
File Thumbprint - MD5:
490584faff23f0f26c9db53823333ac7

admin
admin's picture

Tammam, please add this file to Nortons exceptions
d:\program files\alfa.netsoft\alfa ebooks manager\ alfareaderinternal.exe

It's absolutely safe program

Tammam
Tammam's picture

I cannot do that in such unsafe cyber world
If you think this high risk is safe it will be better if you solve this issue with Norton by reporting it as false positive

Noxcivis
Noxcivis's picture

Tammam wrote:I cannot do that in such unsafe cyber world
If you think this high risk is safe it will be better if you solve this issue with Norton by reporting it as false positive

Once this has been validated with Norton as a false positive I will proceed with a purchase.

Would recommend that https://submit.symantec.com/false_positive submit the exe and post back a formal reply to this thread. I am sure that Alfa.NetSoft are very interested in ending this thread positively and with 100% confidence. A formal response from Symantec (even automated) would be very valuable.

I do have a high level of confidence that the file is safe, based on a https://www.virustotal.com/en/file/aa3dfca6c7f2f2244f80639f0c60b4a69d2e0b57860dbb1e961c20a4bcad47d2/analysis/1500409611/ scan. That being said I think it important that we have more than "It's absolutely safe program". :)

Noxcivis
Noxcivis's picture

For the record, from Symantec...

In relation to submission 41844.

Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:

File name: AlfaReaderInternal.exe
MD5: 974c9a73ce1876026a8202f5f2beec3a
SHA256: aa3dfca6c7f2f2244f80639f0c60b4a69d2e0b57860dbb1e961c20a4bcad47d2
Note: Whitelisting may take up to 24 hours to take effect via Live Update

If detection persists, please contact support:
* Norton: https://support.norton.com/sp/en/us/home/current/info
* SEP: https://support.symantec.com/en_US/endpoint-protection.54619.html

Decisions made by Symantec are subject to change if alterations to the Software are made over time or as classification criteria and/or the policy employed by Symantec changes over time to address the evolving landscape.

If you are a software vendor and would like to upload your software for proactive whitelisting, please complete one of the following forms:
* If you are BCS customer: https://submit.symantec.com/whitelist/bcs
* Otherwise: https://submit.symantec.com/whitelist

For more information on best practices to reduce false positives:
http://www.symantec.com/content/en/us/enterprise/white_papers/b-to_increase_downloads-instill_trust_first_WP.en-us.pdf

admin
admin's picture

Hi, Norton requires certificate that we can't provide yet. So for now we'll be hackers and steal ebooks from every our user