Announcement

Collapse
No announcement yet.

Virus detection in just compiled sample EXE

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Michael Mattias
    replied
    Send compiled file to AV publisher.

    "False Positives" occur all the time with many different compliler products. This happens at least once per week with Inno Setup (you can check the newsgroup archives there if you want).

    The good AV vendors issue updates promptly.

    Leave a comment:


  • Kev Peel
    replied
    I get false positives with one of my apps from NOD32. No idea what triggers it, but it's definitely not a virus as the program is compiled and uploaded directly to the computer that reports it.

    It's a bit of a pain actually as occasionally it still flashes up the warning even though I excluded the apps' folder in NOD32's control panel.

    Leave a comment:


  • Marco Pontello
    replied
    Annoying false positive:

    http://www.virustotal.com/analisis/3...08fef8bcdc9bc5

    Out of 40 AV scanners, 2 trigger a virus warning: AntiVir & McAfee-GW-Edition.

    Bye!

    Leave a comment:


  • Eddy Van Esch
    replied
    Norbert, I get the same result here. My Avira 9.0 gives a virus warning on EClient.exe, even with heuristic scanning and 'AHeAD' both turned off ....

    Kind regards

    Leave a comment:


  • norbert doerre
    replied
    Testing different configurations/compiler versions

    Eddy,
    yes, it also detects a virus w/o heuristic scanning. Just after the compiled file is written as EXE the virus sequence is found. I tested it on my other machine, too.

    I also tested the EXE files compiled with PBWin6. Here all three EXEs contain a virus sequence.

    The EXE files compiled by PBWin9, however, only produce a virus with EClient.bas.

    Leave a comment:


  • Eddy Van Esch
    replied
    Does Avira still recognize a virus if you turn off heuristic scanning ?

    Kind regards

    Leave a comment:


  • norbert doerre
    started a topic Virus detection in just compiled sample EXE

    Virus detection in just compiled sample EXE

    This is only a hint!
    I'm not at all engaged in internet programming and want simply inform you that "Avira Pemium Security Suite" detects after it's latest update a virus named "TR/BHO.Gen" as a trojan in EClient.exe. The source code is located in PBWin90\Samples\Internet\Tcp\EClient.bas. The EXE binary code produced by PBWin9 contains a significant sequence.
Working...
X