flat assembler
Message board for the users of flat assembler.
 Home   FAQ   Search   Register 
 Profile   Log in to check your private messages   Log in 
flat assembler > Heap > Malicious Using libc in assembly example

Goto page Previous  1, 2
Author
Thread Post new topic Reply to topic
AsmGuru62



Joined: 28 Jan 2004
Posts: 1388
Location: Toronto, Canada

@Picnic:
Do you have any 'printf()' calls in your code for console app?
If not -- try adding some -- AV engines do not like 'silent' console app.
I had a strange case like that -- last year.
My app, which triggered AVs was about 12K in size.
Post 16 Apr 2018, 12:09
View user's profile Send private message Send e-mail Reply with quote
Picnic



Joined: 05 May 2007
Posts: 1230
Location: Icarian Sea

Thanks for the replies. I'll try to experiment more, e.g adding a manifest, organize my code better. It's just annoying, chrome won't let me download my own app.
Post 18 Apr 2018, 07:23
View user's profile Send private message Reply with quote
rugxulo



Joined: 09 Aug 2005
Posts: 2279
Location: Usono (aka, USA)

I wasn't going to bring it up again since I thought it was obvious, but here's yet another example (taken from High Level Languages -> gif libraries / examples?):


alexfru wrote:


rugxulo wrote:

EDIT#3: I had to first "restore" (SmallerC's) smlrpp.exe out of MS Security Essentials' quarantine because they suck. Very annoying (yet again), but they're far from the only overzealous antivirus. If anything, they probably penalize smaller .EXEs more than others since those are easier to hide or disseminate.



I never have this problem. Perhaps, because my Smaller C project directory is excluded from search?



Yeah, lots of pain (re: SmallerC) with several antiviruses. Frankly, its embarrassing that they keep flagging it with bad heuristics (they'll flag almost anything as "generic" trojan). Though I've had the same problems with about a dozen other compilers. Nothing is safe from false positives.

Anybody punishing you for something you didn't do is not worth your time. Don't use their products, don't give them the time of day. (But do report false positives, if possible, don't let them get away with it!) If any end user is dumb enough to trust a heuristic saying "possible generic trojan", then they aren't worth keeping around either. It's just too stupid trying to cater to impossibly-bad standards.

Is it good to work around such problems? In theory, yes, but with so many bad antiviruses, I seriously feel it's almost impossible. It's very sad and frustrating. I understand that security is important, but billions of false positives? The cure is worse than the disease!
Post 25 Apr 2018, 05:55
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 15809
Location: Misner space

AVs are the Vs IMO Confused
Post 25 Apr 2018, 06:11
View user's profile Send private message Visit poster's website Reply with quote
Picnic



Joined: 05 May 2007
Posts: 1230
Location: Icarian Sea

Adding version information to my console application i got better scan results from virustotal. I will follow DimonSoft suggestion to go on writing.
Post 11 Jun 2018, 06:51
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2

< Last Thread | Next Thread >

Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Main index   Download   Documentation   Examples   Message board
Copyright © 2004-2018, Tomasz Grysztar.
Powered by rwasa.