Just wanted to post in case anyone else sees this or knows what to do or why it’s happening. This is the first time I’ve had anything from UrBackup flagged as infected. I’m sure there has been changes to the server, but not sure what would trigger our AV to flag it? I told it to ignore and let me use the file, I hope that wasn’t a mistake! Any ideas?
I just ran in in-depth scan against it using Symantec Endpoint Protection and it turned up nothing.
fwiw, I looked up WS.Reputation.1 and and found this. (you may have already done the same)
"Behavior
WS.Reputation.1 is a detection for files that have a low reputation score based on analyzing data from Symantec’s community of users and therefore are likely to be security risks. Detections of this type are based on Symantec’s reputation-based security technology. Because this detection is based on a reputation score, it does not represent a specific class of threat like adware or spyware, but instead applies to all threat categories.
The reputation-based system uses “the wisdom of crowds” (Symantec’s tens of millions of end users) connected to cloud-based intelligence to compute a reputation score for an application, and in the process identify malicious software in an entirely new way beyond traditional signatures and behavior-based detection techniques."
For the record every Avast protected Windows system I install the client on does the same.
I have to keep disabling it during the install process.
Thanks for the info, I got busy and didn’t follow up on it. I figured it had something to do with reputation, but it just started so I was a little startled.
1 Like
FYI, I ran a full MS SCEP scan (of the entire host… earlier I had just looked at the exe) and it turned up zero hits… so I’m inclined to chalk the Symantec flag up to being a false positive. .02 