Symantec Developer Group

I represent a small software company that sells Windows software as electronic downloads. Lately, Symantec products flag our products as potential threats upon detections be so called "crowd intelligence" based algorithms, such as WS.Reputation, WS.Suspicious cloud and similar. We have reported the false positives and applied for white listing. These are always approved by Symantec, but don't seem to have any effect in reality. Our installers are signed using a certificate issued by Thawte. Obviously, this is very harmful for our business. My question is, how can we possibly avoid these false positives? Are Symantec trying to push their own certificates using their dominance in the virus protection market and would it help to purchase a certificte issued by Symantec?

Best regards,

Stian Aagedal (Acon AS)

Did you submit you file in symantec White-List.

Software developer would like to add his/her software to the Symantec White-List.

See this thread

http://www.symantec.com/connect/forums/sep-application-whitelisting

Submit false positive here:

https://submit.symantec.com/false_positive/

Software White-Listing Request here:

https://submit.symantec.com/whitelist/

Thanks for the replies. I already submitted the false positives and got the software white listed. I received a white list confirmation from Symantec and they ensured to remove the false detection. It doesn't seem to have any effect, though. Customers are still reporting detections. Why isn't it possible to white list a developer based on the code signing? We are completely left in the dark here by Symantec, there is no explanation whatsoever about their cloud based detection algorithms. Is the country of origin, the number of downloads or what? We have never had any problems with other anti-virus software.

Stian