CCDWare site Trojan?
I use Malwarebytes which is reporting that ccdware.com has a trojan.
I'd like to get PEMPRO V3. Anyone visited this site recently? Had a problem? The trojan, according to Malwarebytes, was discovered in February.
-- George Prineville, Oregon |
|
Hi George,
I think that's a false positive. Also, I believe that happens only when downloading the first link, which is not PEMPro. Make sure you scroll down a bit and download PEMPro and not the first link of CCDNavigator (which throws that warning).
On Sun, Aug 9, 2020 at 8:16 AM George LaBelle <george.labelle@...> wrote:
I use Malwarebytes which is reporting that ccdware.com has a trojan.
--
|
|
CurtisC <calypte@...>
I downloaded PEMPro 3 from CCDWare about a week ago, and I haven't seen any problems with Trojan horses.
|
|
Ray Gralak
Hi George,
As Brian stated, PEMPro does not have a Trojan virus. You probably clicked the download button for CCD Navigator or Weather Ninja, which for some reason, sometimes gets a false positive. I asked John Smith to move the other application's download link away from PEMPro so that hopefully, others won't click the wrong link by mistake!
-Ray Gralak
Author of APCC (Astro-Physics Command Center): https://www.astro-physics.com/apcc-pro
Author of PEMPro V3: https://www.ccdware.com
Author of Astro-Physics V2 ASCOM Driver: https://www.siriusimaging.com/apdriver
-----Original Message----- |
|
Let me make it clear - the domain ccdware.com is reported by Malwarebytes as having a trojan. It has been listed as so since Feb. 2020 on their server.
It doesn't matter which product you try to view. Going to "ccdware.com" is prevented by Malwarebytes. I never got to any product page. I never said Pempro or any other product they sell had a trojan! I thought it was clear that I was "trying to get" Pempro. I'm sure it is a false positive. I went ahead and allowed that domain and was able to enter the site. -- George Prineville, Oregon |
|
Ray Gralak
Hi George,
Let me make it clear - the domain ccdware.com is reported by Malwarebytes as having a trojan. It has been listed
CCDWare recently (last week) moved to a completely new site, so maybe refreshing your browser will help? The site will look similar but was completely rewritten well after February.
-Ray Gralak
Author of APCC (Astro-Physics Command Center): https://www.astro-physics.com/apcc-pro
Author of PEMPro V3: https://www.ccdware.com
Author of Astro-Physics V2 ASCOM Driver: https://www.siriusimaging.com/apdriver
-----Original Message----- |
|
Joe Zeglinski
Hi George,
By any chance are you now running with the Build 2004
Update of Win-10?
Microsoft ... “drastically changed” its DEFENDER
antivirus program in this recent major update - and added new
features to it.
One of these is that it reports and even isolates PUP’s (potentially
unwanted programs) into its own Quarantine, which you can undo, just as with
MB’s A/V. You can see which ones got blocked by going into Settings and looking
at Security/Defender. There is a list of blocked PUP’s it was responsible for –
nothing to do with Malwarebytes.
Also, perhaps the good news is that DEFENDER used to
“bow out” if another antivirus program was found in the system. But if you chose
to change the MB setting to NOT register itself in Windows, then BOTH antivirus
programs would always be running. Then you will get DEFENDER interfering with
its own opinions about PUP’s. I would trust MB over it now, since this is
totally a new way of doing things for the revised Defender (darned nuisance).
Beginning to think that Build 2004’s DEFENDER is actually the
“Potentially Unwanted Program”.
Among those it now doesn’t like, for example, was
the PIRIFORM’s CCLEAN which has been just fine for over 10 years, and now
Defender just got uppity about it. Meanwhile, my latest MALWAREBYTES is fine
with it, always has been, never reported it as even suspicious. Likewise,
changes in the communications area logs me out of my email account every 24
hours or so, even if the PC never hibernates, something new on three PC’s I know
of – another build 2004 oddity. Too late to roll back to Build 1909, which was
much more reliable.
I suspect, if this is what you are running as well, it
was Defender not Malwarebytes blocking PEMPRO access.
The good news is that Update 2004 will go away by November to make space
for the next major Microsoft Win-10 screw up.
Joe Z.
From: George LaBelle
Sent: Monday, August 10, 2020 9:58 AM
To: main@ap-gto.groups.io
Subject: Re: [ap-gto] CCDWare site Trojan?
Let me make it clear - the domain ccdware.com is reported by Malwarebytes as having a trojan. It has been listed as so since Feb. 2020 on their server.
It doesn't matter which product you try to view. Going to "ccdware.com" is prevented by Malwarebytes. I never got to any product page. I never said Pempro or any other product they sell had a trojan! I thought it was clear that I was "trying to get" Pempro. I'm sure it is a false positive. I went ahead and allowed that domain and was able to enter the site.
-- George Prineville, Oregon |
|
I think the false positive on CCDWare's downloads caused Malwarebytes to flag the whole site.
afaik Malwarebytes is its own thing, keeping its own database of sites it considers safe or 'infected' based on issues from downloaded files.
On Mon, Aug 10, 2020 at 7:03 AM Ray Gralak <groups3@...> wrote:
Hi George,
--
|
|
Joe Zeglinski
I agree,
The two antivirus programs are independent, but Defender
hasn’t changed much in many years, so it is just testing its new features
now. Consider it a trigger happy Beta for a couple of its next few updates,
until the kids at Microsoft have us all test the rewrite for them. If it
continues to get in the way at CCDWARE, change Defender’s sensitivity for that
website, in its new settings options. If Malwarebytes didn’t flag it, in its own
Reports, then the only other app may be Defender, unless you have even more
A/V’s active.
Perhaps the only reason I still keep Defender active is
for its Win-10 “pre-boot” virus scan user option, which MB doesn’t seem to
have.
Joe Z.
From: Brian Valente
Sent: Monday, August 10, 2020 10:33 AM
To: main@ap-gto.groups.io
Subject: Re: [ap-gto] CCDWare site Trojan?
I think the false positive on CCDWare's downloads caused Malwarebytes to flag the whole site.
afaik Malwarebytes is its own thing, keeping its own database of sites it considers safe or 'infected' based on issues from downloaded files.
|
|
Pete Mumbower
Actually Windows Defender has changed significantly in the last couple of years, recent builds have not changed a ton, at least on the consumer side. The enterprise side (Advanced Threat Protection) has had some "significant" changes, but nothing that would affect what this thread is about. It is pretty sophisticated and one of the leading AV products on the market now. I talked to quite a few other IT professionals at other companies at the big Microsoft conference (Ignite) last summer and they agree that it has made some major strides in how well it works compared to others.
I do agree and highly recommend only running one AV product on a computer. The threat landscape has changed a lot in the last decade and the modern techniques are needed to detect and stop the bad actors out there. Whatever AV product you use, make sure the virus definitions are up to date (daily or even hourly) if you do a lot of online browsing with the computer.
Pete |
|
Pete Mumbower
Sorry forgot to add that the below website is great for checking out websites to see if there are any known security issues:
https://www.urlvoid.com/scan/ccdware.com/ (set to scan ccdware.com in this instance, which comes back clean)
-Pete |
|
Bill Long
Not sure why the Windows Defender bashing is going on, or the name calling of MS Employees. I don't use MB and only use Windows Defender and I have no issue using CCDWare's website.
From: main@ap-gto.groups.io <main@ap-gto.groups.io> on behalf of Joe Zeglinski <J.Zeglinski@...>
Sent: Monday, August 10, 2020 8:04 AM
To: main@ap-gto.groups.io <main@ap-gto.groups.io>
Subject: Re: [ap-gto] CCDWare site Trojan?
I agree,
The two antivirus programs are independent, but Defender hasn’t changed much in many years, so it is just testing its new features now. Consider it a trigger happy Beta for a couple of its next few updates, until the kids at Microsoft have us all test the rewrite for them. If it continues to get in the way at CCDWARE, change Defender’s sensitivity for that website, in its new settings options. If Malwarebytes didn’t flag it, in its own Reports, then the only other app may be Defender, unless you have even more A/V’s active.
Perhaps the only reason I still keep Defender active is for its Win-10 “pre-boot” virus scan user option, which MB doesn’t seem to have.
Joe Z.
|
|
Indeed. Windows Defender is probably as good as any other AV out there. But, people have always bashed MS and so I guess they will continue to do so. I’ve used Windows Defender (and still do) with no problems.
On Aug 10, 2020, at 4:44 PM, Bill Long <bill@...> wrote:
|
|
Michael Dolenga
I work at Microsoft. It comes with the territory. And we're often the first to complain about stuff other departments do. :) Michael
On Monday, August 10, 2020, 01:50:11 PM PDT, Michael 'Mikey' Mangieri <mjmangieri@...> wrote:
Indeed. Windows Defender is probably as good as any other AV out there. But, people have always bashed MS and so I guess they will continue to do so. I’ve used Windows Defender (and still do) with no problems.
On Aug 10, 2020, at 4:44 PM, Bill Long <bill@...> wrote:
Not sure why the Windows Defender bashing is going on, or the name calling of MS Employees. I don't use MB and only use Windows Defender and I have no issue using CCDWare's website.
|
|
Joe Zeglinski
Hi Pete,
I agree, DEFENDER is generally a good AV program -
even though I sounded like MS Defender bashing.
I have never used any other antivirus program regularly
over the past decades, except Defender or its earlier pre-Microsoft ownership
versions – and don’t plan that I ever will. DEFENDER is/was just a
plain good workhorse of an AV program, and I am glad to have it on all
PC’s.
I just get rattled and lose confidence in it now,
when I get a “LOW level” warning from its recent Build 2004 Win-10 major
rewrite, warning that (even) CCLEAN is one of its suggested PUP’s.
Just because a program like PIRIFORM’s ...
CAN modify the Registry,
shouldn’t automatically make it a PUP threat, until Microsoft has some strong
evidence. Otherwise, we would be chasing many more innocent apps on the
PC. Besides, what should I believe about Defender’s other suggested PUP’s?
Very many people have been using CCLEAN, (for
example), with confidence, for at least a decade, and most people
trust it, as perhaps the industry’s best clean-up utility. It is a necessary
tool because every Microsoft Update leaves piles of Temp Work files cluttering
up the disk drive, and misdirected & lost Registry links behind, after
performing its frequent Windows updates. Wish Microsoft would clean up
after itself, so the app wouldn’t be needed as much. But, that’s not the
point.
Calling that app a PUP, now makes me highly suspicious
of anything else that Win-10 PRO’s version of Defender considers a PUP.
Seems a bit trigger-happy.
So, contrary to tech advice, I like to back up Defender
with a second opinion by Malwarebytes, another well-respected antivirus
program, but one which never accused CCLEAN of being malware. I think MB
does its due diligence and homework better.
Which is why I suspected that Defender may have
needlessly caused that PUP warning at CCDWARE, that Malwarebytes may
not have.
Joe
From: Pete Mumbower
Sent: Monday, August 10, 2020 2:45 PM
To: main@ap-gto.groups.io
Subject: Re: [ap-gto] CCDWare site Trojan?
Actually Windows Defender has changed significantly in the last couple of years, recent builds have not changed a ton, at least on the consumer side. The enterprise side (Advanced Threat Protection) has had some "significant" changes, but nothing that would affect what this thread is about. It is pretty sophisticated and one of the leading AV products on the market now. I talked to quite a few other IT professionals at other companies at the big Microsoft conference (Ignite) last summer and they agree that it has made some major strides in how well it works compared to others.
I do agree and highly recommend only running one AV product on a computer. The threat landscape has changed a lot in the last decade and the modern techniques are needed to detect and stop the bad actors out there. Whatever AV product you use, make sure the virus definitions are up to date (daily or even hourly) if you do a lot of online browsing with the computer.
Pete |
|
KHursh
CCDWare site is down since yesterday. Related?
Kevin |
|