Last post Oct 28, 2019 07:49 PM by bruce (sqlwork.com)
Oct 26, 2019 05:58 PM|MikeLopez11|LINK
I developed a WebAssembly app and my app's .dll is trying to be cached by the browser (Edge and Opera in my case) and Norton Antivirus is flagging and removing the downloaded .dll. All of the other .dll's and other content is cached without warning.
Has this happened to anyone else?
What's even more strange is that this just started yesterday, after a few days of testing my Blazor app.
Below is the report from Norton. My web site's domain name is replaced with "xxxxx":
Here's the report:
Threat name: Heur.AdvML.CFull Path: C:\Users\Mike\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VKQ29L6M\BlazorApp1.Client.dll
On computers as of
10/26/2019 at 1:42:32 PM
10/26/2019 at 1:44:33 PM
Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.
BlazorApp1.Client.dll Threat name: Heur.AdvML.C
Very Few Users
Fewer than 5 users in the Norton Community have used this file.
This file was released less than 1 week ago.
This file risk is high.
Downloaded File from xxxxx.com
Source: External Media
File: C:\Users\Mike\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VKQ29L6M\ BlazorApp1.Client.dll Removed
File Thumbprint - SHA:
File Thumbprint - MD5:
Oct 28, 2019 08:34 AM|Mikesdotnetting|LINK
You should take this up with Norton. Their detection algorithms are at fault. It's not an ASP.NET issue.
Oct 28, 2019 07:49 PM|bruce (sqlwork.com)|LINK
Norton doesn't know the dll will run in sandbox. Its checking for code that will change the security level. It may be a false hit, or you included code that could be used to raise security to allow a virus to run (if it wasn't in a sandbox).