Re: Inquiry about release date of nvda2018.2.


Quentin Christensen
 

Are you sure Symantec thinks it is a virus, and if so, which one?  Symantec is listing the file as clean on VirusTotal, so I'm not sure whether it is using a newer or older version than yours.

I know Windows Defender will recommend blocking downloadable executables which haven't been downloaded many times - you often notice this if you are one of the first to download a new build of NVDA for instance.  Could Symantec be doing something similar?

I just got Virus Total to rescan the file and I notice now that Anity is also coming up clean - I wrote to them last night to report the false positive.


Kind regards

Quentin.

On Tue, Jun 12, 2018 at 11:23 PM, Michael Chopra <michaelchopra38@...> wrote:
 Hi. It’s definitely Rc 3.
Thanks.
From Michael.  


From: nvda@nvda.groups.io <nvda@nvda.groups.io> on behalf of Quentin Christensen <quentin@...>
Sent: Tuesday, June 12, 2018 10:00:16 PM

To: nvda@nvda.groups.io
Subject: Re: [nvda] Inquiry about release date of nvda2018.2.
 
Hi Michael,

Was it RC1 or 2 then?  As I'm not seeing it with RC3?

The way AV programs work, or one way at least, is they look for "signatures" of known viruses.  Each virus tends to have a group of bytes that distinguishes it from other programs - in the same way, if you wanted, you could probably go through a library and pick say the first sentence out of each book.  You could then bring in a new book without a cover, compare the first sentence against your list of known sentences, and decide whether it matched anything you'd seen before.

Occasionally you might get two books that have the same first sentence, and so one might be misidentified as the other.  It basically works exactly the same way with viruses.  Because it is just a string of characters, they could appear in other programs, and occasionally do, that is how false positives occur.

So, when we built rc2 (or 1?) it just happened that the exact sequence of characters appeared in our setup file as must appear in some virus.  It's something that Symantec have to update in their database, and once I know which build I can let them know - they have a set process for letting them know about false positives.  They'll then double check our file, confirm with what else they know about that virus that it definitely is a false positive and then update their definition list, and that will go out the next time they send out an update (usually in a day or so).

For now, RC3 seems ok so you should be able to download and run that if needed.

Kind regards

Quentin.

On Tue, Jun 12, 2018 at 7:17 PM, Michael Chopra <michaelchopra38@...> wrote:
 Hi. As far as I understand, it is flagging the release candidate versions. I am not sure about the snapshot builds, as I have not downloaded any of them.  With this issue, is it something that you have to sort out or is it for Symantec?
Thanks.
From Michael.  


From: nvda@nvda.groups.io <nvda@nvda.groups.io> on behalf of Quentin Christensen <quentin@...>
Sent: Tuesday, June 12, 2018 8:53:11 PM
To: nvda@nvda.groups.io

Subject: Re: [nvda] Inquiry about release date of nvda2018.2.
 
Hi Michael,

No problem at all, we're transparent here.  Thanks for the heads-up!  Can you advise which version is being flagged?  Is it 2018.1.1 (on the main download page), NVDA 2018.2rc3 (the current release candidate) or one of the snapshot or other builds?

I just ran a couple of builds through VirusTotal: https://www.virustotal.com/en/ - they run any file or site you specify through many of the reputable and unknown AV scanners and tell you what comes back positive

RC3 is being flagged by something called  "Antiy-AVL" that I've never heard of, as "Trojan/Win32.AGeneric".  If I can figure out who they are, I'll write to them.

Symantec is happy with the RC as far as I can see.

NVDA 2018.1.1 is coming up clean on everything.

I tried nvda_snapshot_next-15180,4479f3ab.exe which I had lying around from the 7th of June and it came back clean.

As Brian noted, one AV or another will flag programs from time to time.  The easiest way to allay any fears is to check whether other reputable AV programs which also detect whatever it was also detect it.  In the case of Trojan/Win32.AGeneric, it's a bit hard, as it's simply claiming it looks like a generic trojan, without actually have the "signature" of any known virus.

On Tue, Jun 12, 2018 at 6:13 PM, Brian's Mail list account via Groups.Io <bglists=blueyonder.co.uk@groups.io> wrote:
This sort of thing seems to occur with many pieces of software from time to time though. I would hope that feedback to the company would immediately prompt them to put in an exception for it. There was a similar issue over a password manager a while back I seem to remember.
Brian

bglists@...
Sent via blueyonder.
Please address personal E-mail to:-
briang1@..., putting 'Brian Gaff'
in the display name field.
----- Original Message ----- From: "Michael Chopra" <michaelchopra38@...>
To: <nvda@nvda.groups.io>
Sent: Tuesday, June 12, 2018 5:37 AM
Subject: Re: [nvda] Inquiry about release date of nvda2018.2.


Hi Quentin and all. Are you aware that NVDA is being treated as a virus
by Symantec endpoint protection? It just deletes the file and does not
let me do anything with it. It's probably not the best place to bring
this up, but I thought I would let you know.

Thanks.

From Michael.


On 12/06/18 16:30, Quentin Christensen wrote:
We released NVDA 2018.2rc3 the other day:
https://www.nvaccess.org/post/nvda-2018-2rc3-released/

So, the final version should be out within a week or so, unless
anything big is found.

Kind regards

Quentin.

On Tue, Jun 12, 2018 at 1:26 PM, Angaragerdene
<b.angaragerdene@... <mailto:b.angaragerdene@gmail.com>> wrote:

    Hi guys:
    Is there any set date for nvda 2018.2 to release? Couldn't find
    it anywhere.






--
Quentin Christensen
Training and Support Manager

Official NVDA Training modules and expert certification now available:
http://www.nvaccess.org/shop/

www.nvaccess.org <http://www.nvaccess.org/>
Facebook: http://www.facebook.com/NVAccess
Twitter: @NVAccess













--
Quentin Christensen
Training and Support Manager

Official NVDA Training modules and expert certification now available: http://www.nvaccess.org/shop/

Facebook: http://www.facebook.com/NVAccess 
Twitter: @NVAccess 




--
Quentin Christensen
Training and Support Manager

Official NVDA Training modules and expert certification now available: http://www.nvaccess.org/shop/

Facebook: http://www.facebook.com/NVAccess 
Twitter: @NVAccess 




--
Quentin Christensen
Training and Support Manager

Official NVDA Training modules and expert certification now available: http://www.nvaccess.org/shop/

Facebook: http://www.facebook.com/NVAccess 
Twitter: @NVAccess 

Join nvda@nvda.groups.io to automatically receive all group messages.