Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Antivirus Complaining about Go1.9 #21611

Closed
julianfrank opened this issue Aug 25, 2017 · 4 comments
Closed

Antivirus Complaining about Go1.9 #21611

julianfrank opened this issue Aug 25, 2017 · 4 comments

Comments

@julianfrank
Copy link

julianfrank commented Aug 25, 2017

Please answer these questions before submitting your issue. Thanks!

What version of Go are you using (go version)?

1.9

Does this issue reproduce with the latest release?

yes...It is only happening in the 1.9 release. Symantec does not complain in the 1.8.3 release
My antivirus is Symantec Endpoint Protection 12.1.16 running in Windows 10. The Virus it reports on go.exe is WS.Reputation.1 ...
I believe someone has snooped virus code into your repo...

What operating system and processor architecture are you using (go env)?

set GOARCH=amd64
set GOBIN=
set GOEXE=.exe
set GOHOSTARCH=amd64
set GOHOSTOS=windows
set GOOS=windows
set GOPATH=E:\dev\code\go
set GORACE=
set GOROOT=E:\dev\bin\go
set GOTOOLDIR=E:\dev\bin\go\pkg\tool\windows_amd64
set GCCGO=gccgo
set CC=gcc
set GOGCCFLAGS=-m64 -mthreads -fmessage-length=0
set CXX=g++
set CGO_ENABLED=1
set PKG_CONFIG=pkg-config
set CGO_CFLAGS=-g -O2
set CGO_CPPFLAGS=
set CGO_CXXFLAGS=-g -O2
set CGO_FFLAGS=-g -O2
set CGO_LDFLAGS=-g -O2

What did you do?

Upgrade Go to latest release

If possible, provide a recipe for reproducing the error.
A complete runnable program is good.
A link on play.golang.org is best.

What did you expect to see?

A faster Go compiler

What did you see instead?

A Complaining Antivirus

@as
Copy link
Contributor

as commented Aug 25, 2017

From Symantec's website

WS.Reputation.1 is a detection for files that have a low reputation score based on analyzing data from Symantec’s community of users and therefore are likely to be security risks. Detections of this type are based on Symantec’s reputation-based security technology. Because this detection is based on a reputation score, it does not represent a specific class of threat like adware or spyware, but instead applies to all threat categories.

The reputation-based system uses the wisdom of crowds (Symantec’s tens of millions of end users) connected to cloud-based intelligence to compute a reputation score for an application, and in the process identify malicious software in an entirely new way beyond traditional signatures and behavior-based detection techniques.

Contrary to the wisdom of the crowd, it is extremely unlikely that there is a virus in the repo. If you really believe otherwise, you can upload the exe to virustotal and compare the hash to the same download from another computer.

@martisch
Copy link
Contributor

martisch commented Aug 25, 2017

Note that false positives in Anitvirus software for go binaries has happend before.
https://github.com/golang/go/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aclosed%20antivirus
It can also happen that a Virus on your machine starts infecting other exe files.

Where did you download the file and which package/version?

I downloaded https://storage.googleapis.com/golang/go1.9.windows-amd64.zip
and unpacked the go.exe then uploaded to virustotal:
https://www.virustotal.com/#/file/66184bff0dd46b43208d1b089fbdf98bd3e98d08463a4daa5147753497fb75e4/detection
Which shows Symantec classification as clean.

@cznic
Copy link
Contributor

cznic commented Aug 25, 2017

This is not any Go error. Contact your AV/OS provider and ask them for a better product.

@ianlancetaylor
Copy link
Member

Closing because there is nothing we can do. Please comment if you think of something. Thanks.

@golang golang locked and limited conversation to collaborators Aug 25, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

6 participants