Message board for the users of flat assembler.
> Heap > malware alert for FASM.EXE (WIN32 command line tool) COMODO
Goto page Previous 1, 2
I have AVG subscription for ~2 yrs now, and I had only two false positives -- to my surprise both of them being built freshly by tools:
1. My C++ program for some stuff I did and it got marked after I played with the LINK-er ENTRY changing option.
2. My STAR TREK code built by FASM. I do not know
what code lines triggered the alarm here. Maybe, it was sections order...
I sent both of the built EXE to AVG -- no response so far.
|16 Jan 2012, 15:13||
I am fully agree with revolution here! If AV gives you false positive it is not your fault, it is fault of the AV!
In life it doesn't help much to discuss about who's fault is it. It is like it is.
Thanks for discussion, this was quite new for me and I think I will ignore the warning. But it is always a good thing to keep care what AV kit is warning about and keep this in eyes, proove it and decide yourself wethet to use it or trust it or not.
Anyway it would be a good idea for AV kits to show at what location found possibly problematic code for developpers. But this might help virus programmer as well.
|18 Jan 2012, 12:04||
^^that would take up your CPUs resources since the AV would have to scan the file.
But in reality most AVs use hashes to identify these malwares. The real task is in the first place the virus/malware is detected in order to make a unique hash out of it. There are different ways of detecting .i.e API hooking to monitor resource queries or scanning for a sequence of known bytes.
|18 Jan 2012, 15:58||
|Goto page Previous 1, 2
< Last Thread | Next Thread >
Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.
Website powered by rwasa.