PDA

View Full Version : SetupBuilder 10 Developer being flagged as threat by Symantec



JerryS@cat
11-30-2016, 11:25 AM
Not sure if this is the correct place to post this information or not. Feel free to move elsewhere if appropriate.

Symantec Endpoint Protection 14 began flagging the executable file for SetupBuilder 10 Developer (SB10.EXE) as a threat. The heuristic threat detection of Symantec Endpoint Protection believes the SB10.EXE virus to be infected (SONAR.AM.E!g17 is the name of the threat). I have submitted a false positive notice to Symantec with all the necessary information. Hopefully, they will address this within the very near future. Just wanted to let others know in case they receive the same threat notice.

linder
12-01-2016, 03:31 AM
Hi Jerry,

Thanks so much for the report and for submitting a false positive notice to Symantec with all the necessary information. We did the same today.

According to Virustotal, SB10.EXE is false-positive (and virus) free:
https://www.virustotal.com/en/file/85a7ba177865d85edfc5e58fb852d2083d242feb442593e26a a3c32bffb095a1/analysis/1480584367/

I hope Symantec will fix their bug soon. Could you please keep us posted?

Thanks again,
Friedrich

JerryS@cat
12-01-2016, 09:14 AM
Got a note from Symantec today, confirming the false positive on SB10.EXE. Still getting the notice on my computer since it will probably take Symantec 3 days or so for their whitelisting to take effect via their LiveUpdate mechanism.

If this false positive still continues into next week, I'll report further information here. Otherwise, assume Symantec has fixed their false positive.

linder
12-01-2016, 11:17 AM
THANK YOU SO MUCH, JERRY !!!!!

Friedrich

JerryS@cat
12-08-2016, 09:36 AM
This is just to confirm that Symantec has fixed their false positive on SB10.EXE. Haven't had any pop-up notices this week when I run SetupBuilder 10 Pro.

linder
12-09-2016, 07:04 AM
Thanks so much for the good news and for your help, Jerry !!

Friedrich