gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
75436 Posts in 13210 Topics by 2646 Members - Latest Member: Birchy65 December 15, 2017, 10:20:49 am
*
gfx*gfx
gfx
WinMX World :: Forum  |  WinMX World  |  Site Feedback  |  Norton Safe Search shows 33 items from this site as harmful
gfx
gfxgfx
 

Author Topic: Norton Safe Search shows 33 items from this site as harmful  (Read 3582 times)

0 Members and 1 Guest are viewing this topic.

Offline Draghon

  • Forum Member
Norton Safe Search shows 33 items from this site as harmful
« on: December 31, 2010, 03:49:09 am »
I have used Winmx and this site since b4 the great Free Download fiasco years ago... I just started using Norton from Comcast and it shows a report of 33 items on this site as trojans and key loggers and such, I don't know if someone is just screwing this site or if they are true, but I have never had a problem DLing the WinMX + patch files... here's the link to the Norton site about this site... http://safeweb.norton.com/report/show?url=winmxworld.com [nofollow]

Offline Bieb

  • Forum Member
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #1 on: December 31, 2010, 03:52:18 am »
No those are false claims.

I really don't recommend using norton or mcaffee. Both can be considered viruses themselves as they intertwine themselves into your system and slow it down a lot.

I recommend Microsoft Security Essentials:  http://www.microsoft.com/security_essentials/


Or there are multiple other FREE anti viruses that are very light and effective as well: AVG, avast, avira, etc.



So don't worry, no trojans on this website. :)

Offline nylly444

  • The /root of all evil ;-)
  • WMW Team
  • *****
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #2 on: December 31, 2010, 08:53:15 am »
The reason some programs in the archive get flagged is simply that technically they could in fact be considered viruses.
A virus uses certain techniques to get access to a program and change it's functions.
The AV program simply picks up on these techniques and detect them - without knowing the intention behind it :)
Since nobody has the source code to winmx some of the programmers simply had to use these same techniques to get access to some winmx functions though.

What it comes down to is wether you believe that the winmx community has good or bad intentions I guess - but if you've been here for years that shouldn't be much of a question - I hope... :lol:
I can assure you that any program in the archive and the complete website gets looked at thouroughly before it's put there and if there ever IS some function that shows to be not freindly so to speak we will not offer it for download.

Hope that clears things up a bit :walk:
   LINUX - Legendary Intelligent Needful Universal Xperienced

Offline Draghon

  • Forum Member
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #3 on: December 31, 2010, 08:07:45 pm »
YEs, well with Norton, you have to report the link/file as a virus manually or norton doesnt know

Offline Max™

  • MX Hosts
  • *****
  • If Im Not Back later... Wait Longer
    • Maxtech
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #4 on: January 01, 2011, 10:23:20 am »
i consider Norton to be a virus within a program, because as stated, it entwines into your system in so many parts, then you can not remove it,
even using Norton's own removal tool, it leave some stuff behind that it wont remove, only way is to format pc to get rid of Norton



Try Connecting, the attacks may let you http://patch.winmxconex.com/

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #5 on: January 01, 2011, 10:41:42 am »

Quote
Threats found: 33
Here is a sample: (for more information about a specific threat, click on the Threat Name below)

Threat Name:  Suspicious.IRCBot 
Location:  http://archive.winmxworld.com/KingMacro/WCS/wcs%201.5.2%20-%20130505.zip 

Threat Name:  Trojan Horse 
Location:  http://archive.winmxworld.com/Fx%20Server/FXServer%201.3.0a%20-%20260905.zip 

Threat Name:  Trojan.Gen 
File name:  c:\program files\bidebotmx\lib\dcc.dll 
Location:  http://archive.winmxworld.com/Bide&Musique/BideBotMX/install_BidebotMX_0.0.1_fr.exe 

 Threat Name:  Suspicious.IRCBot 
Location:  http://archive.winmxworld.com/KingMacro/WCS/wcs%201.2.0%20-%20270305.zip 

Threat Name:  Suspicious.IRCBot 
Location:  http://archive.winmxworld.com/KingMacro/WCS/wcs%201.4.0%20-%20110405.zip 

Threat Name:  Downloader 
Location:  http://archive.winmxworld.com/KingMacro/WCS/wcs%201.5.0%20-%20280405.zip 

Threat Name:  Suspicious.IRCBot 
Location:  http://archive.winmxworld.com/KingMacro/WCS/wcs1.0.9.exe 

Threat Name:  Suspicious.IRCBot 
Location:  http://archive.winmxworld.com/KingMacro/WCS/wcs%201.7.4%20-%20140306.zip 

Direct link to:  http://archive.winmxworld.com/Bide&Musique/BideBotMX/install_BidebotMX_0.0.1_en.exe 
Location:  http://archive.winmxworld.com/Bide&Musique/BideBotMX/ 

Direct link to:  http://archive.winmxworld.com/Ze%20Assortment/KickIt27.zip 
Location:  http://archive.winmxworld.com/Ze%20Assortment/ 


I think its clear that anything using a an "exe packer" is likley to falsely accused of being something its not. An exe packer is a file compression program and its often used by programmers wanting to shrink the size of their programs, WinMX for instance is packed in such a way, unpacked WinMX is more like 2 megabytes in size, the reason for all the false detections is that unfortunately many virus writers like to "pack" their code to try to obscure malicious functions from anti virus programs and anti virus programmers try their best to keep up, this leads to the oversimplification of detection mechanisms where anything sporting a packer is falsely detected as being harmful.

Most folks can find and use unpacking tools to look at potentially harmful code as I did with Ritchys packed Modified WCS (RSWCS), the last few versions have been checked and found all good but you do have to wonder just why in this day and age when folks are not shy of downloading bigger files anyone would need to pack their files, the other reason then for doing so is to hide code from rivals for whatever reason, this is how most commercial software companies keep themselves ahead of their rivals but with the easy availability of unpacking tools one has to wonder just who they think they are fooling.

Offline RebelMX

  • Core
  • *****
  • *****
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #6 on: January 01, 2011, 05:01:00 pm »
Unfortunately the use of an exe packer (as proven by Quicks) is seen as a negative addition to releasing software.  The problem is, this is entirely untrue and used by *almost* every developer distribution method.

I wouldn't know off hand but i could hazard a guess that windows and linux programmers use a compressor. I mean, UPX and the such like were designed for that very purpose, and not to hide anything.

Quote from Wiki
Quote
Software distributors use executable compression for a variety of reasons, primarily to reduce the secondary storage requirements of their software; as executable compressors are specifically designed to compress executable code, they often achieve better compression ratio than standard data compression facilities such as gzip, zip or bzip2[citation needed]. This allows software distributors to stay within the constraints of their chosen distribution media (such as CD-ROM, DVD-ROM, or Floppy disk), or to reduce the time and bandwidth customers require to access software distributed via the Internet.

A compressed executable requires less storage space in the file system, thus less time to transfer data from the file system into memory. On the other hand, it requires some time to decompress the data before execution begins. However, the speed of various storage media has not kept up with average processor speeds, so the storage is very often the bottleneck. Thus the compressed executable will load faster on most common systems. On modern desktop computers, this is rarely noticeable unless the executable is unusually big, so loading speed is not a primary reason for or against compressing an executable.

Therefore as all winmx programs are designed for Windows 98 and upwards we are still dealing with older hardware.  Thus not everyone can afford quad core multiple GB's of ram and huge TB of hdd.  You want the winmx clone to fully replace the official client then you too will need to be able to support all network and hardware setups and not just those that can or will afford to keep "up to date".  Quicks you have stated many a time that you use IE6 because it supports everything you want without the bloatware.  Surely using a compressor on exe's is the same thing really?

On top of that, the compressor I use is a free open source piece of software (UPX) and thus actually I am supporting open source software even though you hate to admit that.  This actually encourages people like yourself to actively unpack my software and investigate it for free, but also presents the best available format for hosts and users.  As you have stated RSWCS is clean of any "issues" and the same methods are used on WinMX, so there must be something right about it i suppose...?

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #7 on: January 01, 2011, 06:02:11 pm »
No need to get all defensive Ritchy your software just happened to be the last stuff I looked at and thus I used you as an example of why folks use it, tbh its been a long time since using such things have been necessary and win98 was a long time ago so I'm guessing you simply want to hide what your up to, thats your choice but honestly theres no reason to do that and there is a performance overhead in having to unpack the software each time so any claims about lack of harware resources are cancelled out by that.

As I pointed out in another thread Ritchy you may make use of others open src work but its clear thats where it ends for you as you as you dont open src anything and this in my experience simply shows something is being hidden, most developers I know of dont use any sort of packer now days except to disguise or hide a technical process, some bad coders do it to hide stolen code but regardless the days of shrinking a program to fit on a floppy are long gone.

http://en.wikipedia.org/wiki/Runtime_packer

Quote
Executable compression is also frequently used to deter reverse engineering or to obfuscate the contents of the executable (for example, to hide the presence of malware from antivirus scanners) by proprietary methods of compression and/or added encryption. Executable compression can be used to prevent direct disassembly, mask string literals and modify signatures. Although this does not eliminate the chance of reverse engineering, it can make the process more costly.

Quote
Executable compression used to be more popular when computers were limited to the storage capacity of floppy disks and small hard drives; it allowed the computer to store more software in the same amount of space, without the inconvenience of having to manually unpack an archive file every time the user wanted to use the software. However, executable compression has become less popular because of increased storage capacity on computers.

This is the same page you quoted from btw.

Offline RebelMX

  • Core
  • *****
  • *****
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #8 on: January 02, 2011, 04:01:18 pm »
Again maybe you didnt actually read the quote i made
Quote
On the other hand, it requires some time to decompress the data before execution begins. However, the speed of various storage media has not kept up with average processor speeds, so the storage is very often the bottleneck. Thus the compressed executable will load faster on most common systems.
that whole section counters your claim of the hardware being the same speed with or without compression.

Why would anyone save a file that is say 420kB when that very same file can be saved as 82kB with no loss in quality and functionality?  The compression can be reversed easily with a FREE open source program so you can clearly see there is no malicious code in there, otherwise how can you prove that any program has no malicious code???  All the compression does is release space previously taken up by a program file for other filetypes such as mp3 or avi etc.  Also this allows the files to be portable and therefore be carried about or backed up on storage devises such as floppy's or usb pen drive.  We always say how we want things to be usable from anywhere and that aids this.  I have no need to hide anything, you can easily check and know that to be true so why do I continue using the compressor?  For the very reasons stated beforehand.  Yes it COULD be used to hide something if I was to actually set the program to be obfuscated but I just compress... as that article states, it can be used in two ways.  Which is similar to WinMX, for copyrighted material or for other self created material... Every program has the ability to be used badly.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #9 on: January 02, 2011, 09:45:33 pm »
I thought I have made the key points here but to keep this short I,ll reiterate, there is no longer a need to pack programs as there was in the days of win98 and dial up, the uncompressing is only faster because we are no longer in the days of win98 and dial up and processor speeds are faster now, packing a program does not in any way make it more efficient or faster.

You have to remember thats a wiki article Ritchy and thus anyone can edit it to say what they want, common sense says that if its necessary to complete an extra task to run the program it cannot possibly be faster than running an uncompressed version, if you read that sentence carefully the claim is only made in a single event of their being some "bottleneck in the media" as most folks machines run with the majority of the processors time being handled as an idle system process and faster that in previous years HDD speeds I cant claim to have seen any bottlenecking for many years now.

I hope that clears things up for everyone.

Offline White Stripes

  • Core
  • *****
  • ***
  • Je suis aimé
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #10 on: January 02, 2011, 10:44:55 pm »
@Draghon

upx was aimed at older systems but it has no effect other than shrinking the .exe size .... once in memory the app is the same size...

commercial packers are ment to obfuscate... like winmx's password protected pklite packer (a discontinued product) ...
they are no longer of any use today other than obfuscation... the compression (if there is any in modern commercial software) is just a side effect... 

homebrew packers are ment for competition --- the demoscene ... to win awards on technical merit... this especially holds true for older (1980s era) computers that are still used in these competitions to this day...


the problem with virus scanners and packers (esp custom packers) is the 'heuristic mode' included in many AV products.... ....an attempt by said companies to use the stronger horsepower of todays cpus to make their jobs easier.... esp with the bigger commercial products... let the users report false positives rather than the company do their own research..... handy eh?

if your scanner identifies a packed app as a .Gen ... such as Trojan.Gen ... all that means is the AV is making a guess based on behavior and the fact it cant see inside the packer...

@GS; lookup a linux distro called toms rootboot.... a highly compressed single floppy linux aimed at repair... (there are other fdd distros as well, for instance turning an old 486 full of network cards into a router without needing a hdd spinning all the time)

@all; packers still have their use... just not in the mainstream windoze environment... that died when win7s minimum hdd space for install reached 16gb....

Offline achilles

  • Core
  • *****
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #11 on: January 02, 2011, 11:02:26 pm »
No those are false claims.

I really don't recommend using norton or mcaffee. Both can be considered viruses themselves as they intertwine themselves into your system and slow it down a lot.

I recommend Microsoft Security Essentials:  http://www.microsoft.com/security_essentials/


Or there are multiple other FREE anti viruses that are very light and effective as well: AVG, avast, avira, etc.



So don't worry, no trojans on this website. :)

Use AVG at your own risk! The new version of AVG has damaged a lot of peoples machines. Many BSOD's.  I suggest you use Avast or Avira free if you use a free AV.
I'm a Hardware, and Cyber Security Guy.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Norton Safe Search shows 33 items from this site as harmful
« Reply #12 on: January 02, 2011, 11:05:24 pm »
My thanks for sharing your extensive knowledge with me once again Stripes, I think we generally agree on the demise of packing for any other reason except to obscure if we are talking a windows box, its nice to see folks have used the old floppy disk format to its best but I myself use a USB key now and I suspect this will become the new "floppy" of its time if it isnt already.

Happy New year btw Achilles  :-D

WinMX World :: Forum  |  WinMX World  |  Site Feedback  |  Norton Safe Search shows 33 items from this site as harmful
 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Warning: this topic has not been posted in for at least 120 days.
Unless you're sure you want to reply, please consider starting a new topic.

Name: Email:
Verification:
Type the letters shown in the picture Type the letters shown in the picture Type the letters shown in the picture Type the letters shown in the picture Type the letters shown in the picture Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
What year is it next year?:
What's the name of the site this forum belongs to?:
What program is this site about?:

gfxgfx
gfx
©2005-2017 WinMXWorld.com. All rights reserved.
SMF 2.0.15 | SMF © 2017, Simple Machines
Page created in 0.057 seconds with 19 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!