Text only | Text with Images

A Forum run by Enthusiasts of MidNite Solar

General Category => General Discussion => Topic started by: Resthome on March 04, 2017, 05:13:11 PM

Title: Symantec Noting this Web Site Unsafe
Post by: Resthome on March 04, 2017, 05:13:11 PM
Hey Ryan what up with this?  Symantec doesn't like your site.






Title: Re: Symantec Noting this Web Site Unsafe
Post by: ClassicCrazy on March 04, 2017, 08:47:50 PM
My anti-virus is not giving warnings - I use a version of Symantec too.

Larry
Title: Re: Symantec Noting this Web Site Unsafe
Post by: Resthome on March 04, 2017, 09:10:54 PM
It appears to be with a Symantec plugin with the Chrome browser. Don't see it with any other browser but they probably are not using the same add on.

Most likely a false positive. But MN should contact
Symantec about it. Using Norton Security Suite provide with Comcast ISP.
Title: Re: Symantec Noting this Web Site Unsafe
Post by: mike90045 on March 04, 2017, 11:09:00 PM
web checker  has 2 hits

don't anyone click on  them till known safe

Threat Name:
Trojan.Gen.2
Location:
http://kb1uas.com/MidNite/Classic%20Programmer.zip

Threat Name:
Trojan.Gen.2
Location:
http://kb1uas.com/mnsforum/index.php?action=dlattach;topic=3584.0;attach=5509
Title: Re: Symantec Noting this Web Site Unsafe
Post by: Resthome on March 04, 2017, 11:34:32 PM
Interesting the first one is the firmware package for WIN10. boB had a hit on firmware awhile back. Believe he remove a file that was causing it.  I still think they are false positives but MN should resolve it with some one like Symantec IMHO.
Title: Re: Symantec Noting this Web Site Unsafe
Post by: Halfcrazy on March 05, 2017, 05:48:48 AM
Yep some anti virus stuff doesn't like a zipped file. I suppose I can remove those 2 and make them links instead?
Title: Re: Symantec Noting this Web Site Unsafe
Post by: keithwhare on March 05, 2017, 08:11:04 AM
Quote from: Resthome on March 04, 2017, 11:34:32 PM
Interesting the first one is the firmware package for WIN10. boB had a hit on firmware awhile back. Believe he remove a file that was causing it.  I still think they are false positives but MN should resolve it with some one like Symantec IMHO.

In the W10 firmware update kit I downloaded last week, Symantec Endpoint is flagging "Classic Programmer.exe" as containing something it calls "Trojan.Gen.2".

According to Symantec Trojan.Gen.2 is a generic detection for many individual but varied Trojans for which specific definitions have not been created. A generic detection is used because it protects against many Trojans that share similar characteristics.

Keith



Title: Re: Symantec Noting this Web Site Unsafe
Post by: Westbranch on March 05, 2017, 11:12:40 AM
randomly the L App still jumps up with an error too.. and yes it it seems to be zipped files as the error ... W...? now a POS
Title: Re: Symantec Noting this Web Site Unsafe
Post by: Resthome on March 05, 2017, 02:09:01 PM
Quote from: Halfcrazy on March 05, 2017, 05:48:48 AM
Yep some anti virus stuff doesn't like a zipped file. I suppose I can remove those 2 and make them links instead?

The "classic programmer.exe" file is being removed and quarantined by Symantec from the Windows firmware download of the zip file.

So if you unzip the file the "classic programmer.exe" is not there.  :(

It was first quarantined on my machine on 1/15/17.
Title: Re: Symantec Noting this Web Site Unsafe
Post by: boB on March 05, 2017, 04:00:44 PM

This is the very reason I do NOT use Norton or Mcaffee or AVG anymore.  They have gotten LAZY in their techniques.
Probably got bought by some company that doesn't have any idea what they are doing and running only on name
to keep their business running.

I don't use ANY third party anti-virus anymore.  However, I  DO  use  NoScript that needs my intervention to allow
any web sites to run java or flash etc.  I also use Windows Defender built into WIN 7 which works great AND does
not BOTHER me with superfluous and annoying program stoppages like these other ones.
As annoying as MS is, the department that runs defender obviously has their stuff together !

Also, if I have any questions regarding a file, I load it to Google's fantastic virus tester,

https://www.virustotal.com/

which runs a test using 58 or so different anti-virus scanners for free.

This particular false-positive alert showed up in 4 or 10  of those 58 virus scanners.
virustotal also appears to use the latest version of these checkers.  This false alert
was not in the classic updater itself but instead was the .exe that zips everything up
for download.

Anti-virus has turned into a very large racket indeed !

boB
Title: Re: Symantec Noting this Web Site Unsafe
Post by: Resthome on March 05, 2017, 06:44:04 PM
Hum... Windows Defender hits the "classic programmer.exe" for me. And it's the actual firmware loader program that is showing the hits for me. Of course it shows the zip file because the "classic programmer.exe" is in the zip file. And showing 19 our of 57 on virustotal.


Title: Re: Symantec Noting this Web Site Unsafe
Post by: boB on March 05, 2017, 09:19:25 PM
Yeah, it's classic programmer.exe  that shows up as a virus when it isn't.  That's the container and
zipper program for all the other classic uploader stuff.

There WAS, about a year and 1/2 ago, a version of the classic and MNGP update that
showed up as a virus too, sometimes...  That was also a false alert.

I haven't been using the new container exe so that may be why my defender hasn't seen it ?

Either way, it's not a virus.  They're getting very lazy !

boB
Text only | Text with Images