< All Topics

Why does Norton say that the MultiWalk download is a threat?

The Problem

Norton Antivirus software has a feature called “Download Insight”.  It uses a “reputation score” to determine if an EXE file download is a threat.  The scoring system is problematic and makes assumptions that, I think, are poor measures of a download’s threat status.  That should be done by the virus scanner itself and not simply because a download — that you initiated — is new on a website.

This is particularly problematic when I make new releases and has plagued me all the way back to MultiOpt days.  Since I use a version number in the file name, the name of the file is unique for each release.  Norton automatically gives this a low reputation score which triggers its warning that this download is a threat.

Here’s my frustration with Norton’s “Download Insight”.  I spend hundreds of dollars every year on a Microsoft code signing certificate.  I have been vetted by a recognized 3rd party certificate authority (Sectigo).  This certificate is embedded in every MultiWalk release.  That alone authenticates the legitimacy of the download and should supersede any threat warning from Norton based on the “newness” of the download.  It was truly insightful, it would recognize the authority certificate!

Norton will complain with any number of false-positive errors that may look like the following depending on your Norton version:

The Fix

So what can be done?  Ignore this erroneous false-positive message.  MultiWalk is NOT a threat to your system.

If you are running Norton (or any other virus software that erroneously flags MultiWalk as a threat), you can:

  1. Exclude the MultiWalk-Setup-Release-[version].exe download or your download folder from Norton’s detection system.  Add them as an exceptions.
  2. Turn OFF Norton’s “downloader intelligence”

Norton gives instructions on how to do either of the above here:

https://support.norton.com/sp/en/us/home/current/solutions/v80629965

It is also possible to submit the download to Norton as a “false positive”, meaning that the download is legitimate and is erroneously being flagged as a threat.  I will occasionally do this when I hear from a user that Norton has complained about a release, but I tend to make frequent releases to be responsive to the MultiWalk community of users, and can’t see allocating additional time to contact all the virus detection software products that are flagging MultiWalk downloads as threats.  MultiWalk downloads conform to security industry standards.

So if this happens to you, please add the MultiWalk download as an exception or just disable the download detection features of these software products.

 

 

 

Table of Contents