New Norton 2009 deletes Fah everytime!

[thriftyj*]

I am running the beta SMP client 6.23 r1 which I just installed since the 6.2 died on Feb 2. I read in PC Magazine that the new Norton 2009 Utilities was pretty good (wouldn't slow the machine down as much as other anti-virus appys) so I tried it.

The first thing it did was shut down F@H deleting SMPD.exe as a high priority threat. It closed off all ports to Stanford and shut down MPI.exe and of course the folks at Norton (India) confirmed that the program is running properly

Could we document that SMPD.exe is not malware?

[Xilikon]

Toss Nortin 2009 in the garbage bin and kill it with fire. It is always a POS no matter what. PC Magazine is just good for wiping asses since it's just paid advertisement

[7im]

As usual, Xili is overstating or exagerating the problem, and we will agree to disagree, again.

SMPD.exe is not malware. There, documented. (smpd.exe just happens to be a file commonly used by hackers in their attempts to spread viruses, so AV vendors go nuts on that file and many others)

Regardless of what AV software you use, it will either be too aggresive, or not aggresive enough, or like AVG, give a lot of false positives.

I swear by Norton AV, and have used it for *many* years. I've had to manually configure and allow SMPD and fahcores through Norton's firewall for several versions now. Looks like v2009 is even more agressive. Oh well.

Re install the client, or just extract the missing files, and then reconfigure Norton to accept the activies of the fah client files. Then launch the client, and all is well again.

Thanks for the warning! I was just about to upgrade myself.

[Xilikon]

Sorry but I'm not overstating myself... I'm a senior IT technician and Norton is in our forbidden software for installation to judges laptops due to various issues. If it's too agressive and delete a harmless but very important document, go handle the pissed off judge yourself I'm not even speaking about the amount of bloat in Norton suite.

If you had to manually configure Norton AV 2009 to allow SMPD anf fahcores to run, it's a defective software for me. It should be prompting to allow or deny instead...

[Xilikon]

Remember it's just my opinion and those of our IT security commitee. If someone is happy, good for them

Actually, I didn't mess with it a lot but a security analyst told me that it's possible configure the client to delete instead of keeping it in quarantine as a move to make it idiot-proof, which is usually what Symantec is doing. No wonder n00bs buy this software... Also, it seems it's the firewall portion which is being too far with a program which ask to open ports. A normal firewall should block ports, not delete the program just because it's unknown !

EDIT : WTF is this post above 7im's post instead of below ???

[7im]

Sorry but I'm not overstating myself... I'm a senior IT technician and Norton is in our forbidden software for installation to judges laptops due to various issues. If it's too agressive and delete a harmless but very important document, go handle the pissed off judge yourself I'm not even speaking about the amount of bloat in Norton suite.

If you had to manually configure Norton AV 2009 to allow SMPD anf fahcores to run, it's a defective software for me. It should be prompting to allow or deny instead...

Opinions vary from all types of IT staff. Some love Norton, some hate it. And some IT staff make the rules, and some powerful users make the IT rules.

At least we agree on that last part, if that's actually the case about deleted files? But quarantined files are not the same as deleted, and no version of Norton that I know of deletes files instead of putting them in quarantine unless you have configured Norton to delete instead of quarantine.

[MstrBlstr]

EDIT : WTF is this post above 7im's post instead of below ???

There were some issues with the internal clock setting on the server. That has been fixed, and may have (as a side affect) jumbled a few of the posts on the forum, depending on your timezone.

Then again, I could be wrong.

If it bothers you that much, just re-post the post, and one of the Mods can delete the first one.

[uncle_fungus]

There were some issues with the internal clock setting on the server. That has been fixed, and may have (as a side affect) jumbled a few of the posts on the forum, depending on your timezone.

Then again, I could be wrong.

See: viewtopic.php?p=83250#p83250

[MstrBlstr]

Remember it's just my opinion and those of our IT security commitee. If someone is happy, good for them

Actually, I didn't mess with it a lot but a security analyst told me that it's possible configure the client to delete instead of keeping it in quarantine as a move to make it idiot-proof, which is usually what Symantec is doing. No wonder n00bs buy this software... Also, it seems it's the firewall portion which is being too far with a program which ask to open ports. A normal firewall should block ports, not delete the program just because it's unknown !

Or I can do this.

[codysluder]

EDIT : WTF is this post above 7im's post instead of below ???

Because your post was made almost two hours before 7im post. What timezone is in your profile?

[John Naylor]

@codysluder: it was actually made about 5 hours after 7im's post, but the clock got screwed up as mentioned above so it was placed before 7im's post rather than after it where it should have been...

[anko1]

7im: "SMPD.exe is not malware. There, documented. "

Norton must have accepted your authentication. If you run the live updates to the 2009 install, it allows SMP to run w/o problem. I learned the hard way. Forgot to run live-up date before starting SMP on one of my machines, and of course, Norton killed it (fixed by removing from quarantine). Next time I happened to run the live update first, and no problems on my other machines.

[7im]

Heh, thanks.

I have seen Norton Internet Security 2010 quarantine new fahcore files. Every AV software out there is set just slightly over aggressively, because the alternative is not pretty. Fact of life we all have to deal with in the internet v1.0 age. Look at all the false positives from AVAST posted here in the forum. Anyway, as soon as a handful of us people unquarantine those fah files, and report that back to Norton, then Norton will stop zapping them in the next udpate.

[v00d00]

I dont know, comodo isnt to bad. Nice firewall and nice antivirus. Doesnt bother you to much, and you can add any exceptions as you wish.

Norton has always hogged resources. Possibly the worst, over advertised, antivirus package on the market, and has been for years. Also a major pain in the ass to remove.

[7im]

Actually Norton heard you and Xilikon complain about that, and Norton is much improved starting in 2009. See his post above... Your impression of the product is based on older versions. Norton is better now.

And even though AVAST has the false positives, I very much like their pro version as well.