RESOLVED Urgent FTX Problem - FTX Day deleted after Norton Scan

[Plugger69]

Hi Guys,

 

I'm sure there is an explanation for this, or at least I hope there is.

 

After my recent un-install and then re-install of FSX along with FTX Australia and also Brisbane Intl YBBN, I just did a Norton scan as I had also downloaded and installed a couple of freeware aircraft and as I do after all installations, I run Norton and it came up that there was a security threat that came up with the following :
 

Category: Quarantine

Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename

2013-07-11 17:46:46,High,ftxlights_day.exe (Suspicious.Cloud.7.EP) detected by Auto-Protect,Quarantined,Resolved - No Action Required,c:\program files (x86)\microsoft games\microsoft flight simulator x\orbx\scripts\ftxlights_day.exe

 

When I then click on more details it has the following information :

Full Path: c:\program files (x86)\microsoft games\microsoft flight simulator x\orbx\scripts\ftxlights_day.exe

Threat: Suspicious.Cloud.7.EP

 

It then has this information under file insight :

 

On computers as of Not Available

Last Used 11/07/2013 at 5:46:46 PM

Startup Item No

Launched No

____________________________

____________________________

Unknown

Number of users in the Norton Community that have used this file: Unknown

____________________________

Unknown

This file release is currently not known.

____________________________

High

This file risk is high.

____________________________

Threat Details

Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.

____________________________

 

____________________________

File Actions

File: c:\program files (x86)\microsoft games\microsoft flight simulator x\orbx\scripts\ftxlights_day.exe

Removed

____________________________

File Thumbprint - SHA:

3a1d83c965c987bbf9f59dd81688c15cc77ab6c6e5f27fc58f3c4ab01857f36c

____________________________

File Thumbprint - MD5:

575456a07756d4740de9a0d74fed4b36

____________________________

 

 

 

What it has now done is deleted the FTX Day and removed it as a security threat but it still allows me to use and click on FTX Night Lights...Could someone give me a please explain and how can I bring my FTX Day back up to use please.

 

Cheers,

 

Chris

 

[Ian Routley]

Typically Norton 'Quarantines" the file  ... which would appear to be what it is informing you on this occasion.

 

Perhaps Check the Quarantine section within Norton's user interface, and instruct it to restore the file.

[Plugger69]

Ian,

 

You are a scholar and a legend my friend.

 

Just followed your instructions and BINGO ! I restored it from quarantine and I excluded that from all future scans and FTX Day lets me select it again.

 

Just out of curiosity, is there any reason that it would have done that in the first place ?

 

Cheers,

 

Chris

[Ian Routley]

From memory, we have seen this before.

 

The 'signature' used to detect the virus cross-reacts with a legitimate program.  It can also be an issue with overly aggressive heuristic scans that object to FTXDay changing files within the Program Files directory.

 

Not as bad as McAfee though, but don't get me started .....

[fltsimguy]

Suggest you take the time to learn how to use Nortons exclude from scan features, IE like exclude FSX folder and all subfolders.

 

Pet peeve..using "urgent" for topic titles for computer gaming.

[Plugger69]

Thanks again Ian, much appreciated and point taken fltsimguy about he "Urgent" for topic titles...)

 

Cheers,

 

Chris