News:

Download Pelles C here: http://www.smorgasbordet.com/pellesc/

Main Menu

Avast and AVG

Started by TimoVJL, June 30, 2018, 04:36:07 PM

Previous topic - Next topic

TimoVJL

Avast and AVG are not friendly for programmers:
Behavior Shield are not perfect, lots of false alarms of Win32:Evo-gen[Susp]
They have problems with excluded folder and understanding of small programs.
Small programs made with link.exe or polink.exe are affected.
So now, who really trust such a warnings?

I think that Avast support team actually doesn't know how excluded folders currently works.
I personally switched to AVG and now i start same process with their support team.

BTW: don't switch off windows Application Experience service or your files stay locked in current folder in couple second and polink can't access to it.

How other virus-scanners works with PellesC?
May the source be with you

Vortex

Hi Timo,

Someone mentioned about using manifest files to stop the scream of the AV engines. I never tried it but it would be interesting to test it.
Code it... That's all...

Siekmanski

Including manifest and a version control block helps, not 100% bullet proof but it shuts up most anti virus engines.

TimoVJL

#3
No,
Avast and AGV have to face it, false alarms only serve malware makers when users don't believe it.
I have send to them enough examples;)

Malware programmers are far better that i am and Avast and AVG already know that.

So, what kind of support team they have, hardly they see a sober day ?:D
May the source be with you

Siekmanski

#4
Quote from: TimoVJL on June 30, 2018, 10:39:57 PM
No,
Avast and AGV have to face it, false alarms only serve malware makers when users don't believe it.
I have send to them enough examples;)

Malware programmers are far better that i am and Avast and AVG already know that.

So, what kind of support team they have, hardly they see a sober day ?:D

I totally agree with that.

When writing a demo or small game thingy I don't want a resource section in my code.
1. it's not needed.
2. you can't compress it.

The AV companies have to take that into account, but they don't. ( I'll never send them stuff again. )
It's all about selling their products, the more false positives, the more they sell.  :o

Jokaste

I agree with Siekmanski.
I have sent asm source code to Avast Team of a program that just listed the files into a folder.
Just after link Avast deleted it.
They never answered.
The more difficult is in ASM program, because if the program use instructions that are not very often used, Av deletes it!
For now, I have no antivirus, I often launch AdwCleaner, CCleaner + CCEnhancer and WiseCare365. They clean the hard disk.
-------------------------------------------------------------
FRANCE 4 - 3 ARGENTINA
-------------------------------------------------------------

TimoVJL

Quote from: Vortex on June 30, 2018, 09:50:24 PM
Hi Timo,

Someone mentioned about using manifest files to stop the scream of the AV engines. I never tried it but it would be interesting to test it.
Doesn't help in my test.
May the source be with you

TimoVJL

#7
Now they behave nicely with PellesC 9:)
May the source be with you

ngohungcuong

Same result with other compiler and other AV as GCC, VC++,... Avira,...

bitcoin

All antivirus are the piece of shit.
nod32 blocks all packers such as upx
avira , bitdef, kasper - gets "heur" detect to lot of small programs.

If your programm don't have MSVCRT in import, manifest, and certificate - it will be removed as malware.

Comodo run all programs virtually.

I delete all antivirus, and use only windows defender with excluded directories.

jj2007

It's an even bigger problem for assembly programmers. There is even a dedicated sub-forum AV Software sh*t list at Masm32. If a program doesn't look "normal", the heuristic scanners will bark at you >:(

bitcoin

I hope that windows 10 will remove at least some of the antiviruses.
Many of them are already suing the monopoly of Windows Defender.

Sorry, I speak English very badly and cannot good tell you my opinion.. :(


bitcoin

'Kazy' is detect BitDefender
Another avers copy it engine or bases? Because all detects are the same.

TimoVJL

Quote from: bitcoin on April 01, 2019, 02:54:49 AM
'Kazy' is detect BitDefender
Sometimes that means a PUP, Potentially Unwanted Program ? ???
Maybe they just think that from TLPEView.exe  ;)
May the source be with you