hitrust / namebench

Automatically exported from code.google.com/p/namebench
Apache License 2.0
0 stars 0 forks source link

Namebench listed as blocked by F-Secure AV #101

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1.Attempting to run NameBench.exe from desktop download
2.
3.

What is the expected output? What do you see instead?
Program running. Double Clicking on program .exe produces "Program 
Blocked" message fron F-Secure Anti Virus.
Message reads:- "DeepGuard has prevented a potentially malicious program 
from starting. The decision was made based upon the information from the 
Real Time Protection Network. The program is: namebench1.1.exe" 

What version of the product are you using? On what operating system?
Latest download - 1.1 - Windows 7 64bit.

Please provide any additional information below.

Original issue reported on code.google.com by stan.smi...@gmail.com on 23 Feb 2010 at 1:47

GoogleCodeExporter commented 9 years ago
I don't what this had to do with namebench.  If F-Secure Ani Virus wants to 
list 
namebench as a virus there is nothing the developers of namebench can do about 
that.

Original comment by khurtwilliams on 23 Feb 2010 at 1:50

GoogleCodeExporter commented 9 years ago
Also refer the following URL which is also reporting similar problem:
http://code.google.com/p/namebench/issues/detail?id=100

Original comment by mehul.na...@gmail.com on 24 Feb 2010 at 5:40

GoogleCodeExporter commented 9 years ago
Does F-Secure happen to flag the new 1.2 RC builds as a virus?

Original comment by helixblue on 27 Feb 2010 at 11:31

GoogleCodeExporter commented 9 years ago
Hi Helixblue,
Hmmmm, much better, 1.2 RC2 causes "Deepguard blocked as suspicious program". 
This 
can be overcome by "Allowing" the program (which it could not be when it was 
treated 
as malicious). Program then runs normally.
Many thanks
Stan

Original comment by stan.smi...@gmail.com on 28 Feb 2010 at 12:56

GoogleCodeExporter commented 9 years ago
Deepguard may always consider it a "suspicious" program based on the way that
namebench operates: It's a portable executable that reads your browser history 
file,
and sends UDP packets all over the world. 

I'm glad to see that it is no longer blocked by default. I also double-checked 
with
F-Secure 9.0.15370.0 today, and it isn't complaining (though it may not be using
DeepGuard): 
http://www.virustotal.com/analisis/1485ba4efe6fdffb55d3f56d40a548c0843ef2b3fde6d
e3e383a402bc6597ffe-1267539179

Original comment by tstromb...@google.com on 2 Mar 2010 at 2:15