Harris Tech Audio - click to return to the home page.

 

  
Technical Note 30
“Security Risk Detected” when updating the driver database

 
This Technical Note discusses a security warning that can occur on some PCs when you install our driver database update for BassBox 6 Pro and/or X•over 3 Pro. An example from Norton Security is shown below:


 
Examine the warning in the red band near the top. The first thing to notice about the warning is that the security program has not found an actual virus or malicious program. Rather, it thinks the “behavior” of the program is “suspicious” (in this case, our driver database updater). The name of the suspicious file is listed at the top of the right column under the red band (in this case it is our driver database updater: “htdb0220.exe”) and the threat name is identified below it as “SONAR.Heuristic.170”. This threat name may vary—especially from one security program to another—and it is not the name of a virus. Rather, it identifies that the threat was discovered by heuristic analysis.
 
You see, there are two ways that antivirus software identifies a malicious program. The primary method is to examine the computer code inside the program to see if it matches any known malicious code. Every time a new virus is discovered, security companies like Symantec (the owners of Norton Security) analyze the code of the virus so a definition can be created for this purpose. This is why you must regularly update the virus definitions of your security program. However, this is not what happened here because a specific virus was not found.
 
The secondary way that antivirus software identifies a malicious program is to observe its behavior (that's what “heuristic” refers to). If its behavior is suspicious, the user will be alerted that there is a security risk. This is what happened here.
 
Fortunately, there is no actual risk with our driver database update. The reason our updater triggered the warning is because it must modify the driver database file which is stored in a secure system folder in your PC. The updater must be allowed to proceed or else the driver database will not be updated. So you need to click on “Allow this program to continue” (circled in the image above). When you do, another dialog box (shown below) will usually appear, asking you to confirm your choice."
 

 
You must click on “Yes” to allow the driver database updater to proceed.
 
The above example used Norton Security, a popular antivirus and antimalware program. But a similar situation can occur with any security program that employs heuristic analysis to identify unknown threats (that is, threats for which no virus definition exists yet). If you ever doubt whether our driver database updater is really safe, we recommend that you submit it to VirusTotal, a trusted independent source for free virus scans. They will scan any file you upload to them with 70 antivirus programs and report the results.
 

 

Technical Notes for
all of our products:

 
BassBox 6 Pro
BassBox 6 Lite
X•over 3 Pro
Typeface Collection
BassBox 5.1
X•over 1.0-2.x
 

Technical Support for the Woofer Tester 2
by Smith & Larson Audio:
 
  FAQs
  Forum
  Contacts

Copyright © 2022 by Harris Technologies, Inc. All rights reserved worldwide.