Norton antivirus quarantined file editKUID.exe

[chrisaw]

On doing a HDD backup I noticed this report from Norton "editKUID.exe contained threat Trojan.Gen.SMH"

On looking back through the log it seems it's been complaining about this for years.
Anyone have any idea why this should be, other than Norton being its usual interfering self?

Chris.

 

[JCitron]

Chris,

I've never heard of that utility. Where did you get it from?

A quick search on the web shows that Norton has reported other programs as also having this, which led people to believe it's a false positive.

If you are unsure, you can run another antivirus scanner such as Esset or some other
https://www.eset.com/us/home/online-scanner/

If nothing is found, put the program on Norton's ignore list.

 

[wreeder]

EditKUID.exe came with TRS2004 but I don't see it in my TRS10 install so it was dropped at some point I guess. It simply allowed you to enter your User ID into the program. TRS2006 did that through CMP. I doubt it is infected.

10.28.2023-12.12.01

Shared from Screencast.com

www.screencast.com

 

[pdkoester]

For your antivirus protection, including the Windows defender or other built-in (Mac OS?) ones, you might want to create exclusions for each directory used by Trainz. It will save a lot of headaches, and may help it with performance, since being excluded means the program does get any interference. I did exclusions, and did notice a small bump in performance.

 

[p-dehnert]

Result of checking at VirusTotal.com: 2 out of 72 scanners classified the file as malicious.

Peter

 

[DELETED-KP7sDeFaN51Yh3C]

Heh.. The built-in Microsoft Antivirus often considers my own programs compiled from sources to be a virus, though there are no viruses at all. So, it is difficult to answer.

 

[Forester1]

I have a lot of old software saved form the early days of windows and Defender has fits with a lot of it. The old trick stuff that would open your cd drive for a coffee mug holder, or anything that might advertise, or anything other than a straight-ahead program gets flagged. It doesn't even want that stuff on the hard drive. It may be that editKUID.exe makes a system call that is now considered not kosher or something.

 

[chrisaw]

Thanks for all the replies. I was suspecting a false report.
I was comparing an old HDD with my PC's active drive prior to backup, and saw the file flagged as on the old but not the PC drive. When I selected it it disappeared, so I was wondering what happened to it, and what it was for.

Chris.

 

[JCitron]

I have a lot of old software saved form the early days of windows and Defender has fits with a lot of it. The old trick stuff that would open your cd drive for a coffee mug holder, or anything that might advertise, or anything other than a straight-ahead program gets flagged. It doesn't even want that stuff on the hard drive. It may be that editKUID.exe makes a system call that is now considered not kosher or something.

I've run into that too. Part of that is the developers used older compilers to generate the code that do things differently than modern compilers do. This is kind of like TRS22 complaining about the scripts done for TS12. There was a developer that complained about that because his uninfected software was being flagged and his complaints to Microsoft went unheard.