Pelles C forum
Pelles C forum => General discussion => Topic started by: TimoVJL on June 30, 2018, 04:36:07 PM
-
Avast and AVG are not friendly for programmers:
Behavior Shield are not perfect, lots of false alarms of Win32:Evo-gen[Susp]
They have problems with excluded folder and understanding of small programs.
Small programs made with link.exe or polink.exe are affected.
So now, who really trust such a warnings?
I think that Avast support team actually doesn't know how excluded folders currently works.
I personally switched to AVG and now i start same process with their support team.
BTW: don't switch off windows Application Experience service or your files stay locked in current folder in couple second and polink can't access to it.
How other virus-scanners works with PellesC?
-
Hi Timo,
Someone mentioned about using manifest files to stop the scream of the AV engines. I never tried it but it would be interesting to test it.
-
Including manifest and a version control block helps, not 100% bullet proof but it shuts up most anti virus engines.
-
No,
Avast and AGV have to face it, false alarms only serve malware makers when users don't believe it.
I have send to them enough examples;)
Malware programmers are far better that i am and Avast and AVG already know that.
So, what kind of support team they have, hardly they see a sober day ?:D
-
No,
Avast and AGV have to face it, false alarms only serve malware makers when users don't believe it.
I have send to them enough examples;)
Malware programmers are far better that i am and Avast and AVG already know that.
So, what kind of support team they have, hardly they see a sober day ?:D
I totally agree with that.
When writing a demo or small game thingy I don't want a resource section in my code.
1. it's not needed.
2. you can't compress it.
The AV companies have to take that into account, but they don't. ( I'll never send them stuff again. )
It's all about selling their products, the more false positives, the more they sell. :o
-
I agree with Siekmanski.
I have sent asm source code to Avast Team of a program that just listed the files into a folder.
Just after link Avast deleted it.
They never answered.
The more difficult is in ASM program, because if the program use instructions that are not very often used, Av deletes it!
For now, I have no antivirus, I often launch AdwCleaner, CCleaner + CCEnhancer and WiseCare365. They clean the hard disk.
-------------------------------------------------------------
FRANCE 4 - 3 ARGENTINA
-------------------------------------------------------------
-
Hi Timo,
Someone mentioned about using manifest files to stop the scream of the AV engines. I never tried it but it would be interesting to test it.
Doesn't help in my test.
-
Now they behave nicely with PellesC 9:)
-
Same result with other compiler and other AV as GCC, VC++,... Avira,...
-
All antivirus are the piece of shit.
nod32 blocks all packers such as upx
avira , bitdef, kasper - gets "heur" detect to lot of small programs.
If your programm don't have MSVCRT in import, manifest, and certificate - it will be removed as malware.
Comodo run all programs virtually.
I delete all antivirus, and use only windows defender with excluded directories.
-
It's an even bigger problem for assembly programmers. There is even a dedicated sub-forum AV Software sh*t list (http://masm32.com/board/index.php?board=23.0) at Masm32. If a program doesn't look "normal", the heuristic scanners will bark at you >:(
-
I hope that windows 10 will remove at least some of the antiviruses.
Many of them are already suing the monopoly of Windows Defender.
Sorry, I speak English very badly and cannot good tell you my opinion.. :(
-
16 not so good virus scanners:
https://www.virustotal.com/#/file/e98951bdf4878a5e9893ee65ac3e30487cf3acd5e3a7059c1ed0ee98cf4e28ac/detection
https://virusscan.jotti.org/en-US/filescanjob/g8vayrkd9l
Still 3 left:
https://www.virustotal.com/#/file/b9bc74c5ad988a6f91b8bd39e35a36210a6f192cdeff7b206eb1ab501f8e2876/detection
https://virusscan.jotti.org/en-US/filescanjob/35l4urrdnk
EDIT 2019-04-03: Avast and AVG, TLPEView clean.
https://virusscan.jotti.org/en-US/filescanjob/g43fqz957x
-
'Kazy' is detect BitDefender
Another avers copy it engine or bases? Because all detects are the same.
-
'Kazy' is detect BitDefender
Sometimes that means a PUP, Potentially Unwanted Program ? ???
Maybe they just think that from TLPEView.exe ;)
-
Avers don't likes programs in pure Assembler or pure C.
or with "bad" api in import. Because they means, that this is "malware" :(
So, if somebody uses the PE editor, he should understand this and add the file to the antivirus exceptions.
As example, antivirus block many NirSoft tools , Sysinternals tools and other for system programming. We can't do anything with this. I hope,that Microsoft kills many antivirus with monopoly Windows Defender