flat assembler
Message board for the users of flat assembler.
  
|  Index
      > Windows > [b]trojan in fasmw167.zip???[/b] | 
| Author | 
 | 
| Ivan2k2 28 Jul 2007, 04:55 no, it's not infected, it's false positive...
 also check http://board.flatassembler.net/topic.php?t=7302 | |||
|  28 Jul 2007, 04:55 | 
 | 
| LocoDelAssembly 28 Jul 2007, 05:11 Now NOD32 enjoys being stupid? I'm disappointed   | |||
|  28 Jul 2007, 05:11 | 
 | 
| f0dder 28 Jul 2007, 12:29 You have a much bigger risk getting infections from eMule than official FASM zips   | |||
|  28 Jul 2007, 12:29 | 
 | 
| taichin 28 Jul 2007, 18:20 I downloaded of  the official page:
 http://flatassembler.net/download.php But it is a false alarm?... Procedere with the installation.... thank pd: Forgive me. My English is bad, but I use translators  . | |||
|  28 Jul 2007, 18:20 | 
 | 
| Vortex 29 Jul 2007, 09:32 taichin,
 That's surely a false alarm. Probably, the internals of the assembler handling the PE \ MS COFF file creation triggered this false positive. _________________ Code it... That's all... | |||
|  29 Jul 2007, 09:32 | 
 | 
| rugxulo 31 Jul 2007, 02:45 taichin, turn off heuristics (AV guesses) so that it won't check for "unknown variants" of pre-existing viruses. Granted, that's not a perfect solution, but these antivirus guys don't have the time or interest to prevent every false alarm. Or get a better antivirus scanner (but I don't know of any, even my AVG Free whines, doh). | |||
|  31 Jul 2007, 02:45 | 
 | 
| f0dder 31 Jul 2007, 13:20 rugxulo wrote: taichin, turn off heuristics (AV guesses) so that it won't check for "unknown variants" of pre-existing viruses. Granted, that's not a perfect solution, but these antivirus guys don't have the time or interest to prevent every false alarm. Or get a better antivirus scanner (but I don't know of any, even my AVG Free whines, doh). Better to keep heuristics turned on, and do some manual investigation... that way you might have false positives that are a bit annoying, but you have less risk of getting infected by something nasty. _________________ carpe noctem | |||
|  31 Jul 2007, 13:20 | 
 | 
| LocoDelAssembly 31 Jul 2007, 14:37 And, what about careful computer utilization? I have no AV at all and I'm clean anyway. AVs are not able to detect all the existent viruses, only the ones that are popular enough (or have similar code that heuristics can detect).
 It doesn't matter for you all that AVs are by itself pseudo-viruses by the amount of computer resources they spend? | |||
|  31 Jul 2007, 14:37 | 
 | 
| f0dder 31 Jul 2007, 15:03 Yes, an antivirus software won't catch everything, but they can catch a lot - especially if they don't scan for just virus signatures/heuristics, but also 'suspicious behaviour' (KAV has some interesting stuff in that respect).
 I currently get by on "careful computer utilization" myself, but all it takes is one undisclosed exploit in IE or FF, one careless friend that borrows your computer for 5 minutes, or one person that visits you with an infected laptop... | |||
|  31 Jul 2007, 15:03 | 
 | 
| kohlrak 31 Jul 2007, 17:33 Amen. What i hate is when people borrow your computer without your liking and they are practically searching for the stuff. They right away install all their addons like msnplus and FunWebProducts (Zwinky, Smiley Central, Cursor Mania, etc)... Then they go to porn sites... XD | |||
|  31 Jul 2007, 17:33 | 
 | 
| KRA 31 Jul 2007, 21:22 Do like me...
 When using Windows I always run uncertain programs like browsers and such in a sandbox. I installed SandBoxIe and it works great. When I suspect something is not as it should I simply deletes the content of the sandbox and it's Ok to start over again. You can even specify that certain programs always should be run sandboxed. Try it out, You may like it like me... | |||
|  31 Jul 2007, 21:22 | 
 | 
| kohlrak 31 Jul 2007, 21:28 Yea, but dosn't that take a performance hit? Plus, the most dangerous ones will use hooking to break out of teh sandbox anyway. | |||
|  31 Jul 2007, 21:28 | 
 | 
| f0dder 31 Jul 2007, 23:34 kohlrak: sandboxie should only take a negligible performance hit, and they're taking a lot of precautions to make it hard to 'break out of'. I wouldn't use it as an environment for doing malware analysis, but for safer surfing and testing out apps, it should be quite decent enough. (and heck, even vmware seems to have had the possibility for break-outs). | |||
|  31 Jul 2007, 23:34 | 
 | 
| rugxulo 02 Aug 2007, 21:56 f0dder wrote: 
 That's fine until it actually says somethings a virus that you know isn't (e.g. something you wrote or even FASM, what we don't trust Tomasz?? It's open source, people, it ain't hard to figure what he's up to.). Anyways, if you're worried, just scan it with another antivirus program (or test it at http://www.virustotal.com ). | |||
|  02 Aug 2007, 21:56 | 
 | 
| DOS386 04 Aug 2007, 06:08 > actually says somethings a virus that you know isn't (e.g. something you wrote or even FASM, what we don't trust Tomasz??
 I really hope when Tomasz has time to work on FASM again he will fix the real (minor) problems rather than crippeling it in attempt to "fix" this "critical bug"     Same applies to Rugxulo's ATTRIB   http://board.flatassembler.net/topic.php?t=7302 http://board.flatassembler.net/topic.php?t=7310 http://board.flatassembler.net/topic.php?t=7314 (kicked ???  ) http://board.flatassembler.net/topic.php?t=7406 _________________ Bug Nr.: 12345 Title: Hello World program compiles to 100 KB !!! Status: Closed: NOT a Bug | |||
|  04 Aug 2007, 06:08 | 
 | 
| < Last Thread | Next Thread > | 
| Forum Rules: 
 | 
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.