ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

DonationCoder.com Software > Find And Run Robot

Program executable suspected as virus by NOD32

<< < (2/3) > >>

pmcg:
Happened to me today also. Suddenly your program has been deleted by Eset. Argggghh!

mouser:
Sorry to everyone suffering with this -- it's out of my hands -- nothing more i can do.
This will be a good test of eset, to see how fast they fix this.  :mad:


Anyone who wants to help speed up the process of them analyzing the file and reporting on it's goodness, see how to do so here:
http://kb.eset.com/esetkb/index?page=content&id=SOLN141

mouser:
Well I must say I'm pretty impressed by eSet.  Here's an email reply I got about 20 minutes after I submitted the false positive:

>Dear Jesse,
>Thank you for bringing this issue to our attention! It was indeed a false positive of our scanner and it should disappear with virus database update 4621, which was released about half an hour ago.
>We are sorry for any inconvenience this misdetection might have caused.
>Regards,
>Peter Kosinar
>Senior Virus Researcher
>ESET spol. s r.o.

Nice -- that's a pretty fast turn-around for pushing out an updated signature set.


NOTE: There is no way to know how many other people complained before me, about not just Find and Run Robot, but on other programs that may have gotten caught in the false positive.  So we don't know the *real* time it took them to respond to the problem.  But still it seems like a pretty quick reaction.


HOWEVER -- this process of adding a brand new signature, and then immediately reporting to users that the antivirus program is completely certain about an infection and deleting files is totally, absolutely, inexcusably, irresponsibly, WRONG BEHAVIOR.  When a new signature is added to an antivirus database, and it is a heuristic like detection of possibly harmless code -- it is imperative that antivirus companies start being honest and straightforward with users.  The user must be told that this is a completely heuristic guess, based not on the detection of harmful code but on the similarity to some random signature.  The user must be told that the signature is brand new to the database and that the likelyhood of a harmless false positive is very high.  When we find a responsible antivirus company that does this, we will have found a new hero in the antivirus wars, one that is desperately needed.

mouser:
Does anyone here want to create a new web page on this issue of Responsible Handling of Antivirus Positives, and create a little award that could be given out to an antivirus company that handles this kind of thing responsibly?  Maybe that would at least provide a way for us to motivate, encourage, and reward an antivirus program that decides to do the right thing.

mouser:
Confirmed that the false positive is gone with the latest update  :up:
We now return you to your regularly scheduled programming..

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version