User forums > Nightly builds
The 30 August 2014 build (9884) is out.
stahta01:
--- Quote from: eckard_klotz on September 07, 2014, 06:32:49 pm ---Hello Everybody.
I agree that the user of the anti virus software has to report the "false positive" detection to his av-scanner provider. But I think it would be helpful if there would be a topic in the forum of code::blocks, that can be used to post information about this. It may be useful, if every kind of anti virus software has its own sub-topic. Other users can see, what is already reported if the reporter posts the ticket-number.
In my case I found in the forum the post http://forums.codeblocks.org/index.php/topic,19182.0.html, where I learned that afb45 already reported a similar "false positive" detection under the ticked number " submission [3491738]" in April. But his detection reported the detection of "Trojan.Gen.SMH" while in my case the "Suspicious.Cloud.7.F" was detected. For some reasons my first report to Symantec under the ticket-number "submission (3590276)" last month was not successful. Thus I reported it new today under the ticket-number "submission (3613580)".
I hope this information is helpful for other users of Symantec which have a similar problem.
Best regards,
Eckard.
--- End quote ---
I think it would be better to have only a single thread on the subject.
And, have a Wiki page on the subject with sub-pages to the Wikipage as needed.
But, I am NOT a CB Dev; they are the ones to decide.
And, I have forgot the little I learned on doing Wiki pages; so, I have no plans to start a Wiki page.
I would think subpages for each DLL or EXE in CB Blocks would be nice with page sections for each AV.
Tim S.
eckard_klotz:
Hello Everybody.
This time I was successfull. Symantec answered:
--- Quote ---In relation to submission [3613580].
Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:
854E5D01E60235E3ACFA0AFAD2AADC36 - cblauncher.exe
The updated detection(s) will be distributed in the next set of virus definitions, available via LiveUpdate or from our website at http://securityresponse.symantec.com/avcenter/defs.download.html
Decisions made by Symantec are subject to change if alterations to the Software are made over time or as classification criteria and/or the policy employed by Symantec changes over time to address the evolving landscape.
If you are a software vendor, why not take part in our whitelisting program?
To participate in this program, please complete the following form: https://submit.symantec.com/whitelist
--- End quote ---
First of all they agree that this was realy a wrong detection.
But second, they offer a more longlasting posibility to avoid such problems in the futute if you follow the link "https://submit.symantec.com/whitelist" you will reach a dialog that allows you to register Code::Blocks and its components in their white-list. But since this establishes a connection between symantec and the C::B project using this posibility is not the decision of a user it is a decision of the developers.
Thus, dear deveoplers of Code::Blocks please think about. As far as I understand it, with every new virus that behaves in some aspects like a component of Code::Blocks we the user have to report a new wrong detection again. With this offer you have the chance to make Code::Blocks known.
Best regards,
Eckard.
oBFusCATed:
Bleh... so we'll have to upload every cb release we do to every av software vendor?
eckard_klotz:
Hello C::B Developers.
--- Quote ---... so we'll have to upload every cb release we do to every av software vendor? ...
--- End quote ---
Some body has to do. OK, I agree that it is a great effort for the project to inform all possible av software publisher about every new nightly. And it may be easier, if the user is doing this to share this effort. But I still think that this topic should be supported with an own sub-forum to give us useres a central place to share the information, what files and realeases are allready reported to which vendor and with what result.
Best regards,
Eckard.
White-Tiger:
Actually, uploading it to Google's VirusTotal should be enough :P
One of the benefits of VirusTotal are that results are shared among AV companies. This means if someone detects something but others do not, it's possible for those others to get samples and fix their detection... Well this was meant for non detected viruses, but I'm certain that it might also work with false positives^^
But I don't know how automatic that all works... or if false positives are handled at all... Still maybe better then nothing :P
Otherwise, uploading CB to every AV vendor on every release (nightly or not) can only be done by having it done automated... and even then it requires a lot of time (to upload it) unless you're using a server to do that :P
Anyway, I'm still saying the user is responsible for his AV, and every user should be able to handle false positives anyway or they should use a different AV. It's their PC that has a problem with it ;)
P.S. you'll never know if a report is indeed a false positive ;) Because the developers PC could be corrupted or the upload somehow was.. so best is to use VirtusTotal if unsure and then... well guessing if you want to trust it if only 1 or 2 report it and others don't... could be still infected :P
And false positives don't disappear by the first report, to have a false positive to disappear a lot of people have to report it. Why should the AV company trust the first one to report it? Why should it really be a false positive? You only know if you've got enough data.
I don't even think they'll trust developers blindly, it will just give them a hint.. also note their note about signing the executables... that costs a lot of money which Microsoft wants to receive just to have it signed. So not even near possible for Code::Blocks.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version