I agree, unfortunately I don't see heuristics going any time soon. Some compressor/protector/packer vendors have been considering adding support for the Taggant System but that too has to be supported by the AV companies. Not sure it would help in the situation posted above though...PB wrote:Heuristics should not exist. They're a stupid "technology", as shown.
Always false positives. An AV should only report a true known virus.
I am going to jump in, since I am in the same boat with a different av program, BitDefender. I have this option set (in your image), but BD stops the linker due to a *.TMP file within the windows TEMP folder. If I disable the debugger, then the exe gets created within the source directory, but obviously, that does not help if PB insists on using the TEMP folder.ts-soft wrote:Set the default-compilation to source-dir:
and then set it to exception.
Changing my AV program was OK for me but when I distribute programs, I can't tell all the users that their AV is at fault.IdeasVacuum wrote:...the most obvious is, if you can change your AV to another, then do so. Avast stands out in terms of flexibility at least, but in all my time as a PC user with AV installed, no AV has ever detected a genuine virus but all of them have spewed out false-positives.
Doesn't sound right - probably just another error in AV logic.Temp folder is off limits to user applications
That is exactly what we have to do because even if the AV developers test your app and agree that it is safe, a couple of iterations of their code later and it catches your innocent app again - been there and done that. The only apps that are not going to be hit by this issue are those written by companies big enough to sue the AV company. I have found though that digitally signing both my app and it's installer helps to reduce AV attention. You could also publish the AV Company's response on your website - that way your customers can see you are proactive and that the AV companies are not as squeaky clean as people expect.I can't tell all the users that their AV is at fault.
There is a fee...IdeasVacuum wrote:The Taggant System is free and OpenSource - and therefore will end up being insecure and thus useless.
http://standards.ieee.org/develop/indco ... /amss.html"The fee to participate in the AMSS as a Subscriber is US $8,000.00. This fee grants access to the CMX for 1 year as well as access to the Taggant System IEEE Public Root Certificate, and blacklist, for 1 year."
"The fee for new SPV participants is US $2500. 100 packer user certificates are provided to each SPV at no cost. Additional certificates may be purchased for the current price of US $0.33 per certificate now or at a later date."
PB is using the generic \Temp\ folder to store temporary files during compilation and linking. This is where my files are getting trapped, as *.TMP files. Unfortunately, even using the \Portable switch when running PB, it still uses that folder. THIS is PB's fault . I cannot simply whitelist every *.TMP file within the \Temp folder--that would be insanity.skywalk wrote:Users without whitelist control of their AV software are truly at a disadvantage.
And I am confused why the Temp folder is off limits to user applications?
Or should it be c:\programdata\<yourapp>\...?
An hour? Well, that sounds very unlikely, but if did only take them such a short time, then what does that say about their quality control?Fortunately, BitDefender AV has a very fast False Positive Submission response; as fast as an hour. I made a submission, and was turning off my AV for 15 minutes at a time when I suddenly realized it was no longer blocking my file. If they are going to have crummy false-positive response with PB files, at least they are responsive.
I believe I have already mentioned that changing AV software just for PureBasic is not an option.
After all, playing with PureBasic is not an essential part of the professional software development we are doing on our PCs.76ea3a75 wrote:Changing AV software is no option. F-Prot is part of our inhouse IT security.
However you can configure your AV software. By adding it to the exclude list or by disabling heuristics. It's not a PureBasic specific problem i (and many other coders) get false positives with every programing language. It's just a fact that AV heuristics are not working reliably, actualy they are horrible. Never found a true threat on my system, only false positives. It's something you have to live with as a coder, no matter the programming language.76ea3a75 wrote: I believe I have already mentioned that changing AV software just for PureBasic is not an option.
