flat assembler
Message board for the users of flat assembler.

flat assembler > Heap > Malicious Using libc in assembly example

Goto page Previous  1, 2
Author
Thread Post new topic Reply to topic
AsmGuru62



Joined: 28 Jan 2004
Posts: 1389
Location: Toronto, Canada
@Picnic:
Do you have any 'printf()' calls in your code for console app?
If not -- try adding some -- AV engines do not like 'silent' console app.
I had a strange case like that -- last year.
My app, which triggered AVs was about 12K in size.
Post 16 Apr 2018, 12:09
View user's profile Send private message Send e-mail Reply with quote
Picnic



Joined: 05 May 2007
Posts: 1257
Location: In a West End town
Thanks for the replies. I'll try to experiment more, e.g adding a manifest, organize my code better. It's just annoying, chrome won't let me download my own app.
Post 18 Apr 2018, 07:23
View user's profile Send private message Reply with quote
rugxulo



Joined: 09 Aug 2005
Posts: 2311
Location: Usono (aka, USA)
I wasn't going to bring it up again since I thought it was obvious, but here's yet another example (taken from High Level Languages -> gif libraries / examples?):

alexfru wrote:

rugxulo wrote:

EDIT#3: I had to first "restore" (SmallerC's) smlrpp.exe out of MS Security Essentials' quarantine because they suck. Very annoying (yet again), but they're far from the only overzealous antivirus. If anything, they probably penalize smaller .EXEs more than others since those are easier to hide or disseminate.


I never have this problem. Perhaps, because my Smaller C project directory is excluded from search?


Yeah, lots of pain (re: SmallerC) with several antiviruses. Frankly, its embarrassing that they keep flagging it with bad heuristics (they'll flag almost anything as "generic" trojan). Though I've had the same problems with about a dozen other compilers. Nothing is safe from false positives.

Anybody punishing you for something you didn't do is not worth your time. Don't use their products, don't give them the time of day. (But do report false positives, if possible, don't let them get away with it!) If any end user is dumb enough to trust a heuristic saying "possible generic trojan", then they aren't worth keeping around either. It's just too stupid trying to cater to impossibly-bad standards.

Is it good to work around such problems? In theory, yes, but with so many bad antiviruses, I seriously feel it's almost impossible. It's very sad and frustrating. I understand that security is important, but billions of false positives? The cure is worse than the disease!
Post 25 Apr 2018, 05:55
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16128
Location: Hyperborea
AVs are the Vs IMO Confused
Post 25 Apr 2018, 06:11
View user's profile Send private message Visit poster's website Reply with quote
Picnic



Joined: 05 May 2007
Posts: 1257
Location: In a West End town
Adding version information to my console application i got better scan results from virustotal. I will follow DimonSoft suggestion to go on writing.
Post 11 Jun 2018, 06:51
View user's profile Send private message Reply with quote
Picnic



Joined: 05 May 2007
Posts: 1257
Location: In a West End town
Today, i got virus free results. Smile

Image
Post 25 Sep 2018, 12:27
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16128
Location: Hyperborea
Picnic wrote:
Today, i got virus free results. Smile
Amazing.

Let's hope it lasts and the AV engines don't mess it all up again.
Post 25 Sep 2018, 13:00
View user's profile Send private message Visit poster's website Reply with quote
Picnic



Joined: 05 May 2007
Posts: 1257
Location: In a West End town
Well, i didn't stay put, instead i have contacted some antivirus companies and asked them to revise the executable. Carpe diem, until the next update. Smile
Post 26 Sep 2018, 14:01
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2018, Tomasz Grysztar.

Powered by rwasa.