Last modified: 2012-03-02 11:03:06 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T36635, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 34635 - Norton SONAR Flagging Huggle as a virus.
Norton SONAR Flagging Huggle as a virus.
Status: RESOLVED WONTFIX
Product: Huggle
Classification: Unclassified
Application (Other open bugs)
unspecified
All All
: Low normal
: ---
Assigned To: Peter Bena
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-02-23 18:58 UTC by IWorld (V. G.)
Modified: 2012-03-02 11:03 UTC (History)
2 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description IWorld (V. G.) 2012-02-23 18:58:26 UTC 
Originally reported by MatthewRBowker
    ___________________________________________________________
     
     Originally Reported by User:Nasnema on the English Wikipedia

Norton's SONAR protection doesn't like version 2.1.18. It immediately blocks and quarantines the file complaining of suspicious activity.    At the moment I can't trust Huggle at all, because version 17 is doing crazy updates and version 18 isn't liked by Norton. 

    ___________________________________________________________

Comments:
----
Comment 1 by project member benapetr@gmail.com, Oct 16, 2011

Could you tell me if it happens with older versions too? I assume so, according to virustotal.com it's clean
----
Comment 2 by b...@mooseit.co.uk, Oct 23, 2011

It looks as though Norton's SONAR knows there is a link to previous versions, and in my case starting with my original Huggle 2.1.15, which it says is the source file.  Then I managed to update all the way to 2.1.17 without any problems, but come 2.1.18 (the third update) it's decided this is suspicious activity.  I stopped using 2.1.17 when an incident occurred of it reverting a reverter and blanked several pages in the process.

It looks harmless enough from what SONAR said it was doing to the system: Source File:
huggle 2.1.15.exe
File Created:
huggle 2.1.16.exe
File Created:
huggle 2.1.17.exe
File Created:
huggle 2.1.18.exe
____________________________
System Settings Actions
Event: Browser process start (Performed by c:\...\huggle 2.1.18.exe, PID:1412)
No action taken
Event: Process start (Performed by c:\...\huggle 2.1.18.exe, PID:5032)
No action taken

I am going to break this chain and try again having removed the file from quarantine. Nasnema.
----
Comment 3 by project member benapetr@gmail.com, Oct 23, 2011

OK, let me know if you had more troubles with that, otherwise I consider this as sorted out
----
Comment 4 by b...@mooseit.co.uk, Oct 27, 2011

I couldn't get SONAR to forget anything so I'll have to wait for a new version and ensure that it is a direct download. Maybe I'll wait for version 3.
    ___________________________________________________________
     
    Moved from the Google Code Issues Tracker (http://code.google.com/p/huggle/issues/list)
Comment 1 Peter Bena 2012-03-02 11:03:06 UTC 
This is likely issue on side of norton, huggle doesn't contain malicious code
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links