Symantec Noting this Web Site Unsafe

Started by Resthome, March 04, 2017, 05:13:11 PM

Previous topic - Next topic

Resthome

Hey Ryan what up with this?  Symantec doesn't like your site.






John

10 x Kyocera KC140, Classic 150 w/WBJr, Link10 Battery Monitor, 850 AH @ 12v Solar One 2v cells, Xantrex PROwatt SW2000
Off Grid on Houseboat Lake Don Pedro, CA

ClassicCrazy

My anti-virus is not giving warnings - I use a version of Symantec too.

Larry
system 1
Classic 150 , 5s3p  Kyocera 135watt , 12s Soneil 2v 540amp lead crystal for 24v pack , Outback 3524 inverter
system 2
 5s 135w Kyocero , 3s3p 270w Kyocera  to Classic 150 ,   8s Kyocera 225w to Hawkes Bay Jakiper 48v 15kwh LiFePO4 , Outback VFX 3648 inverter
system 3
KID / Brat portable

Resthome

It appears to be with a Symantec plugin with the Chrome browser. Don't see it with any other browser but they probably are not using the same add on.

Most likely a false positive. But MN should contact
Symantec about it. Using Norton Security Suite provide with Comcast ISP.
John

10 x Kyocera KC140, Classic 150 w/WBJr, Link10 Battery Monitor, 850 AH @ 12v Solar One 2v cells, Xantrex PROwatt SW2000
Off Grid on Houseboat Lake Don Pedro, CA

mike90045

web checker  has 2 hits

don't anyone click on  them till known safe

Threat Name:
Trojan.Gen.2
Location:
http://kb1uas.com/MidNite/Classic%20Programmer.zip

Threat Name:
Trojan.Gen.2
Location:
http://kb1uas.com/mnsforum/index.php?action=dlattach;topic=3584.0;attach=5509
http://tinyurl.com/LMR-Solar

Classic 200| 2Kw PV, 160Voc | Grundfos 10 SO5-9 with 3 wire Franklin Electric motor (1/2hp 240V 1ph )| Listeroid 6/1, st5 gen head | XW6048 inverter/chgr | midnight ePanel & 4 SPDs | 48V, 800A NiFe battery bank | MS-TS-MPPT60 w/3Kw PV

Resthome

Interesting the first one is the firmware package for WIN10. boB had a hit on firmware awhile back. Believe he remove a file that was causing it.  I still think they are false positives but MN should resolve it with some one like Symantec IMHO.
John

10 x Kyocera KC140, Classic 150 w/WBJr, Link10 Battery Monitor, 850 AH @ 12v Solar One 2v cells, Xantrex PROwatt SW2000
Off Grid on Houseboat Lake Don Pedro, CA

Halfcrazy

Yep some anti virus stuff doesn't like a zipped file. I suppose I can remove those 2 and make them links instead?
Changing the way wind turbines operate one smoke filled box at a time

keithwhare

Quote from: Resthome on March 04, 2017, 11:34:32 PM
Interesting the first one is the firmware package for WIN10. boB had a hit on firmware awhile back. Believe he remove a file that was causing it.  I still think they are false positives but MN should resolve it with some one like Symantec IMHO.

In the W10 firmware update kit I downloaded last week, Symantec Endpoint is flagging "Classic Programmer.exe" as containing something it calls "Trojan.Gen.2".

According to Symantec Trojan.Gen.2 is a generic detection for many individual but varied Trojans for which specific definitions have not been created. A generic detection is used because it protects against many Trojans that share similar characteristics.

Keith




Westbranch

randomly the L App still jumps up with an error too.. and yes it it seems to be zipped files as the error ... W...? now a POS
KID FW1811 560W >C&D 24V 900Ah AGM
CL150 29032 FW V.2126-NW2097-GP2133 175A E-Panel WBjr, 3Px4s 140W > 24V 900Ah AGM,
2 Cisco WRT54GL i/c DD-WRT Rtr, NetGr DS104Hub
Cotek ST1500 Inv  want a 24V  ROSIE Inverter
OmniCharge3024  Eu1/2/3000iGens
West Chilcotin 1680+W to come

Resthome

#8
Quote from: Halfcrazy on March 05, 2017, 05:48:48 AM
Yep some anti virus stuff doesn't like a zipped file. I suppose I can remove those 2 and make them links instead?

The "classic programmer.exe" file is being removed and quarantined by Symantec from the Windows firmware download of the zip file.

So if you unzip the file the "classic programmer.exe" is not there.  :(

It was first quarantined on my machine on 1/15/17.
John

10 x Kyocera KC140, Classic 150 w/WBJr, Link10 Battery Monitor, 850 AH @ 12v Solar One 2v cells, Xantrex PROwatt SW2000
Off Grid on Houseboat Lake Don Pedro, CA

boB


This is the very reason I do NOT use Norton or Mcaffee or AVG anymore.  They have gotten LAZY in their techniques.
Probably got bought by some company that doesn't have any idea what they are doing and running only on name
to keep their business running.

I don't use ANY third party anti-virus anymore.  However, I  DO  use  NoScript that needs my intervention to allow
any web sites to run java or flash etc.  I also use Windows Defender built into WIN 7 which works great AND does
not BOTHER me with superfluous and annoying program stoppages like these other ones.
As annoying as MS is, the department that runs defender obviously has their stuff together !

Also, if I have any questions regarding a file, I load it to Google's fantastic virus tester,

https://www.virustotal.com/

which runs a test using 58 or so different anti-virus scanners for free.

This particular false-positive alert showed up in 4 or 10  of those 58 virus scanners.
virustotal also appears to use the latest version of these checkers.  This false alert
was not in the classic updater itself but instead was the .exe that zips everything up
for download.

Anti-virus has turned into a very large racket indeed !

boB
K7IQ 🌛  He/She/Me

Resthome

#10
Hum... Windows Defender hits the "classic programmer.exe" for me. And it's the actual firmware loader program that is showing the hits for me. Of course it shows the zip file because the "classic programmer.exe" is in the zip file. And showing 19 our of 57 on virustotal.


John

10 x Kyocera KC140, Classic 150 w/WBJr, Link10 Battery Monitor, 850 AH @ 12v Solar One 2v cells, Xantrex PROwatt SW2000
Off Grid on Houseboat Lake Don Pedro, CA

boB

#11
Yeah, it's classic programmer.exe  that shows up as a virus when it isn't.  That's the container and
zipper program for all the other classic uploader stuff.

There WAS, about a year and 1/2 ago, a version of the classic and MNGP update that
showed up as a virus too, sometimes...  That was also a false alert.

I haven't been using the new container exe so that may be why my defender hasn't seen it ?

Either way, it's not a virus.  They're getting very lazy !

boB
K7IQ 🌛  He/She/Me