NIS 22.5 gives too many false positives and removed files permanently

[breathejustice]

The updated NIS 22.5 gives me too many false positive...

After NIS was upated, I ran full scan.
Some of matlab files, many of anaconda python files, pot player, gom player, and irfanview were detected as a virus.

The worst thing is that the detected files were removed permanently.. , so it cannot be restored.
I think it should have been quarantined.

 

[Venustus]

The updated NIS 22.5 gives me too many false positive...

It is a headache to me now.

Some of matlab files, many of anaconda python files, pot player, gom player are detected as a virus.
The worst thing is that the detected files are removed permanently.. , so it cannot be restored.
I think it should have been quarantined.

You can restore the file from quarantine and deem it safe!
Check your quarantine!

 

[breathejustice]

You can restore the file from quarantine and deem it safe!
Check your quarantine!

No... they are removed permanently.

Some of them are quarantined,
some of them are removed permanently.

 

[Venustus]

No... they are removed permanently.

Some of them are quarantined,
some of them are removed permanently.

You can specify what files/ folders are exluded from sonar detections in the exclusion section of the program!
Are your settings set at default or agressive?

 

[breathejustice]

You can specify what files/ folders are exluded from sonar detections in the exclusion section of the program!
Are your settings set at default or agressive?

It has been default.... I have never changed the setting or options of NIS.
But some of detected files are removed permanently.

 

[Venustus]

It has been default.... I have never changed the setting or options of NIS.
But some of detected files are removed permanently.

Strange, I have never had any false positives!
I have installed some of the programs you mention without any alerts!

 

[frogboy]

I have never had a false positive with Norton either and i also have some of the programs you mentioned without alerts either.

 

[breathejustice]

Strange, I have never had any false positives!
I have installed some of the programs you mention without any alerts!

Did you run with full scan ?

I have never had a false positive with Norton either and i also have some of the programs you mentioned without alerts either.

Did you run with full scan ?

 

[frogboy]

Did you run with full scan ?

Yes many times.

 

[Abhishek Singha]

Is there any 60 or 90 days trial for nis 22.5?

 

[jamescv7]

Technically what detection name was mentioned from those files? It can be a generic detection especially when you are doing compile files from python due to behavior that can be link to malware; but others well likely try to lower down the sensitivity of heuristics.

 

[breathejustice]

The problem is solved except anaconda python as follows.

I have updated the softwares to the latest one.
Matlab 2014b --> 2015a
potplayer --> updated to the current version
gomplayer --> updated to the current version

(Old versions are detected as a virus by NIS cloud engine.. weird...)

Remove portable version.
irfanview --> remove the portable version

But, NIS detect python anaconda as virus by cloud engine.
Maybe, NIS users do not use anaconda python.

 

[breathejustice]

Technically what detection name was mentioned from those files? It can be a generic detection especially when you are doing compile files from python due to behavior that can be link to malware; but others well likely try to lower down the sensitivity of heuristics.

Detection names are Suspicuous.Cloud.2, or 7.1 or 9

Now, I have excluded anaconda python from the scan and sona, and reinstalled anaconda.

 

[jamescv7]

@breathejustice : Well just report for Norton from their cloud component as it can changed immediately as possible. (in case of suspicious cloud)