Alaska Software Inc. - Virus threat in res compiled exe files.
Username: Password:
AuthorTopic: Virus threat in res compiled exe files.
M.B. BaijuVirus threat in res compiled exe files.
on Fri, 14 Aug 2020 19:31:12 +0200
Hello,

I am facing a virus threat in res included exe files.

Not in all virus scanners. Below programs always quarantine the exe files.

Avast
AVG
Mcafee Internet security
Norton AntiVirus

you can check sample program \source\samples\apps\mdidemo\mdidemo.exe with https://www.virustotal.com/gui/home/upload

Currently I am excluding the program in the antivirus but customers are not allowing as it is not an outright perfect solution.

Has anybody found any solution regarding this matter?

Regards,

M.B.BAIJU
Andreas Gehrs-Pahl
Re: Virus threat in res compiled exe files.
on Fri, 14 Aug 2020 15:15:26 -0400
M.B.

I uploaded both, mdidemo.exe and imgview.exe, and only two programs flagged 
them -- Cylance and Qihoo-360 -- and only because they had Heuristics 
enabled. Neither Avast, AVG, Mcaffe nor Norton (Symantec) flagged those two 
files, though.

This is an old problem, were Norton (and other AVs) flagged small Xbase++ 
GUI programs as malware, mainly when Heuristics were enabled. Larger files 
and console programs weren't flagged, though

The easiest way to fix this, is to disable Heuristics, were the anti-virus 
engine tries to "guess" if a program is suspicious, even though no signature 
exists.

Andreas

Andreas Gehrs-Pahl
Absolute Software, LLC

phone: (989) 723-9927
email: Andreas@AbsoluteSoftwareLLC.com
web:   http://www.AbsoluteSoftwareLLC.com
[L]:   https://www.LinkedIn.com/in/AndreasGehrsPahl
[F]:   https://www.FaceBook.com/AbsoluteSoftwareLLC