flat assembler
Message board for the users of flat assembler.

Index > Windows > virus alert

Author
Thread Post new topic Reply to topic
HarryTuttle



Joined: 26 Sep 2003
Posts: 211
Location: Poland
HarryTuttle
Hi,

My G-DATA anty-virus programm gives me an alert
when I tried to compile basic prg which includes some part of binary image and filesystem operation like _lcreat

Gen:Trojan.Heur.FU.emW@aiMYsyd (Engine-A)



http://77x.pl/prg_with_virus_allert.exe

Can You prove it?

___________

I checked it and the "file" directive does something what g-data recognize as an attack. Can U scan this attached file to check my research ?

_________________
Microsoft: brings power of yesterday to computers of today.
Post 26 Apr 2011, 21:15
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
Heuristic Scanning sucks more and more..
check this out.
http://vx.netlux.org/lib/static/vdat/epheurs1.htm
Post 26 Apr 2011, 23:03
View user's profile Send private message Reply with quote
SPTH



Joined: 24 Jul 2004
Posts: 91
SPTH
I found nothing but a GetCommandLine and MessageBox call.

I think these AVs with incredible bad heuristic (http://virusscan.jotti.org/de/scanresult/81d4789ee6f9a7b497c316043921fb3b1be29e0e) will disappear in next few years because they generate more and more false positives and harm the user more than viruses do. That has already happened.
Post 26 Apr 2011, 23:32
View user's profile Send private message Reply with quote
HarryTuttle



Joined: 26 Sep 2003
Posts: 211
Location: Poland
HarryTuttle
thanks a lot Smile


thx for Your suggestion.
I am going to write some rules for g-data to protect fasm against this antyvirus software.

_________________
Microsoft: brings power of yesterday to computers of today.
Post 27 Apr 2011, 09:26
View user's profile Send private message Reply with quote
winvz300



Joined: 17 Apr 2011
Posts: 3
winvz300
Wink


Last edited by winvz300 on 04 Jun 2011, 04:21; edited 1 time in total
Post 27 Apr 2011, 10:23
View user's profile Send private message Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3500
Location: Bulgaria
JohnFound
I would suggest to not let these false positives without reaction. Send the false detected files to the AV makers. Usually there is a support form on their site, or e-mail or some other contact method.
If there is a support forum, you can make public complaint!
I had several cases of false positives from Avira and Symantec AV.
Fortunately, after I sent the files to the support desk, things was fixed and the false positives disappeared with the next AV update.
Smile
Post 27 Apr 2011, 10:43
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
mitz



Joined: 17 May 2011
Posts: 2
mitz
Overflowz wrote:
Heuristic Scanning sucks more and more..
check this out.
http://vx.netlux.org/lib/static/vdat/epheurs1.htm


Yep, what Overflowz said Twisted Evil

_________________
laughter is free, anytime, just call me.
Post 17 May 2011, 09:17
View user's profile Send private message Reply with quote
lamar



Joined: 05 Jun 2009
Posts: 16
lamar
G-data, Avira Antivir often produce fake alerts, just ignore that shitty anti-viruses.
Post 17 May 2011, 12:02
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.