flat assembler
Message board for the users of flat assembler.
![]() Goto page Previous 1, 2 |
Author |
|
donn
Submitted Avast:
https://www.avast.com/false-positive-file-form.php?page=success They did not provide an Incident # for tracking. Not sure the process they use to update their whitelist/blacklists. Maybe if the version keeps changing, they have nothing to compare with and then they run some primitive checks, which they are not updating, or maybe fasmg keeps evolving (like with calm) so they have a harder time updating their rules. I'm sure self-modifying assembly is a flag, beyond that, this is not surprising, but unfortunate since the version will keep updating and they need SOME WAY to accommodate this. |
|||
![]() |
|
Tomasz Grysztar
There is no self-modifying code in fasmg, and no executable data section, CALM uses just a simple VM-like interpreter.
|
|||
![]() |
|
donn
Noted!
Heard back from Avast, will see if the clearing holds up on further releases: Quote: Avast: Report a URL https://flatassembler.net/fasmg.j27m.zip Request #11828291 ref:_00Db0Z3Sf._5005p2HzGs0:ref |
|||
![]() |
|
bitRAKE
So, basically, Avast is flagging the file because it lacks a version info section/resource - as it doesn't fault in any other way listed.
|
|||
![]() |
|
revolution
We shouldn't be designing our .exe files just to please Avast, or any other AV.
Unless they put us on the payroll then those false positives and false negatives are their problems they can spend time to solve for themselves, not something we need to solve for them. |
|||
![]() |
|
alexfru
bitRAKE wrote: So, basically, Avast is flagging the file because it lacks a version info section/resource - as it doesn't fault in any other way listed. Do you have an example pair of otherwise identical .EXEs to substantiate the claim? If it's just some stupid section, I could throw it into my .EXEs. |
|||
![]() |
|
bitRAKE
I just reviewed their guidelines and groked that with what I know about fasmg. I'm not in favor of AV authors defining what an executable should consist of. Just like I'm not in favor of all this unwinding trash that programs need to be secure. Luckily, I don't need to bow down to this nonsense. This has nothing to do with the ability to comply.
|
|||
![]() |
|
Goto page Previous 1, 2 < Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.
Website powered by rwasa.