Security risk issues


#1

Every time I try to run it, Norton stops it. There’s apparently a bad Trojan file attached to it?


#2

There is no trojan. My guess is either this is yet another false positive or simply heuristics guessing because it is not a so-called “common file”.

At this time, my current process is to send files to Virustotal when I first upload them, send out any false positive claims that immediately appear and then don’t bother again because the AV engines constantly change and it really never ends.

As I regularly deal with these claims, my answer is pretty simple - if you don’t trust it, don’t run it.

Just for some thought though, this is open source, freeware, non-ad supported, beta software that’s used by less than a handful of people that doesn’t even have an installer, nor has/needs Administrator rights. There would be no advantage to putting malware in such software.


#3

No, it definitely seems to be detecting a real Trojan file. I even went to the details page Norton has for it, and it is a known one that has existed for at least two years or so. I can’t install it as a result.


#4

It is possible that you are confusing Butterfly for Reviver as Butterfly has no installation. Reviver is more likely to be detected as a false positive as it does modify another application (ie. Messenger) which of course is “suspicious”.

Regardless, nothing I distribute has a trojan and Norton is in the wrong here. Antivirus software works exclusively on guess work, working on a signature/definition of a file to try and figure out if it contains malware and a reputation score. This is effectively like humming the part of a song to a friend and expecting your friend to identify the song correctly based on what songs they’ve heard before in their life and how often. A guess is not an identification.

Although you yourself can do this from within your Norton software, I took the liberty of sending both Butterfly and Reviver to Symantec/Norton’s labs on your behalf who have identified these latest false positives in both Reviver and Butterfly and have already removed it from the antivirus definitions from April 9th onwards.

These definitions have already populated to Virustotal and you can review the results yourself:
For Messenger Reviver 2.4.3
For Butterfly Messenger 0.1.0

Symantec informs me that it can take approximately 24 hours for definition updates to populate to Norton software.


#5

I’m sure it was the butterfly exe file. I chose to ignore the warning, but still can’t use the program. Like some other people who have posted in the comments, I get an error message when I try to log in.


#6

Is something going on? You still haven’t replied. On top of that, it’s been ages, but you still haven’t approved my comment on the blog about the issue, even though you’ve approved lots of comments made after mine…


#7

Have you tested any other A/V program? I’ve never used Norton; never will. I’ve perfectly innocuous documents Norton users, and they get all wrapped around the axle because they’ve gotten a message that it’s “infected,” a “virus,” a trojan… They weren’t.


#8

I use Norton and I have no such warning. I even had it specially scan each file in the Butterfly download. As Jonathan said… if something is wrong for you it is a false positive. Norton does this a lot. Maybe delete it and redownload it. Or just not use it. As most people have not gotten an issue.


#9

I appreciate the effort, guys, but the problem has changed. I can’t log in, and neither can a lot of other people. And, for some reason, the messenger’s creator is ignoring us. I posted a comment describing the issue, and he still hasn’t approved it, despite approving comments made after mine. I don’t know what his problem with me is, but this passive agressive behavior gets on my nerves.