Today, I tried to run my program that uses bass_vis.dll. Symantec Anti-virus file protection jumped in and put up the following screen:
I was concerned at first, I let Symantec put the file into quarantine and went to my safe BASS VIS 2.2 .zip archive - unpacked just the bass_vis.dll file and, bingo, the same response from Symantec - I let it quarantine the file again. I then downloaded the BASS VIS 2.2 archive from this site and unpacked just that file - it was again said to be a virus by Symantec. At this point I started to disbelieve Symantec had got it right and excluded the file from its checks.
A person who uses my program has had exactly the same situation on his computer, although the virus program he is using is Norton Anti-virus - which is one and the same really.
The text from Symantec's site is: "
Symantec antivirus products exclusively use the virus name Bloodhound.Overpacked when a potentially unknown virus is found using Symantec Bloodhound technology. Bloodhound technology consists of heuristic algorithms used to detect unknown viruses. The actual file detected under Bloodhound.Overpacked is likely to be infected with a new, packed, 32-bit Windows virus." seems to infer to me that they don't really know what they're dealing with here and have made some kind of assumption erring on the side of safety.
I have advised my contacts to not worry about such a message, but it would be good to understand if this is the correct thing to do and, if so, how the issue might be solved once and for all - is a submission to Symantec the right way to go about this?
The fact that two people got the same warning about the same file, on different machines where the file has resided happily for many months, makes me feel as though this detection is entirely dubious.
