Author Topic: Trojan  (Read 6516 times)

jayanthd

  • Guest
Trojan
« on: December 30, 2012, 06:44:28 AM »
Hello!

I installed MASM3211. I opened masm32 folder and my avg antivirus tells that dlgmake.exe is infected with some trojan. What should I do? Can I get a clean version of dlgmake.exe?

jj2007

  • Member
  • *****
  • Posts: 7558
  • Assembler is fun ;-)
    • MasmBasic
Re: Trojan
« Reply #1 on: December 30, 2012, 06:51:04 AM »
You do have a clean version of dlgmake.exe, provided you downloaded the archive from this site.
If an AV software has no patterns stored for a specific executable, it uses "heuristic" scanners which shout foul when they encounter things that are not so common in boring standard software compiled with standard C compilers. For example, a simple pushad/popad sequence may look suspicious to a heuristic scanner.

So forget the warnings, and enjoy the Masm32 package. The last dozen years or so, it has been absolutely safe. By the way, welcome to the Forum :icon14:

Vortex

  • Member
  • *****
  • Posts: 1704
Re: Trojan
« Reply #2 on: December 30, 2012, 08:02:19 AM »
Hi jayanthd,

Welcome to the forum.

As Jochen said, that warning is a false positive. You can ignore it.

Magnum

  • Member
  • *****
  • Posts: 2235
Re: Trojan
« Reply #3 on: December 30, 2012, 08:57:19 AM »
Some anti virus programs let you turn off heuristic scanning.

My experience is that heuristic scanning is too trigger happy.  :biggrin:
Take care,
                   Andy

Ubuntu-mate-16.04-desktop-amd64

http://www.goodnewsnetwork.org

Gunther

  • Member
  • *****
  • Posts: 3515
  • Forgive your enemies, but never forget their names
Re: Trojan
« Reply #4 on: December 30, 2012, 09:18:14 AM »
Hi jayanthd,

welcome to the forum and ignore the false positive. Have a lot of fun.

Gunther
Get your facts first, and then you can distort them.

jayanthd

  • Guest
Re: Trojan
« Reply #5 on: January 08, 2013, 04:57:28 AM »
See my other thread. My AVG doesn't show heur.something in the detection it shows the name of the trojans.

http://masm32.com/board/index.php?topic=1241.0

hutch--

  • Administrator
  • Member
  • ******
  • Posts: 4813
  • Mnemonic Driven API Grinder
    • The MASM32 SDK
Re: Trojan
« Reply #6 on: January 08, 2013, 10:24:33 AM »
jayanthd,

The problem is you are trusting an AV scanner that is known to be unreliable and that regularly delivers false positives on executable files that are completely safe. You may not be familiar with the technology but Microsoft design the "Portable Executable" specification for 32 bit Windows executables, not a low end AV company that does not appear to fully understand the operating system vendor's specification.

If you must use an AV scanner, look for the highly reliable ones from Microsoft, Eset and Kaspersky, not freeware junk on the internet. As long as you have a legitimate copy of Windows you can get the Microsoft version at no cost, why mess around with unreliable junk ?
hutch at movsd dot com
http://www.masm32.com    :biggrin:  :biggrin:

dedndave

  • Member
  • *****
  • Posts: 8734
  • Still using Abacus 2.0
    • DednDave
Re: Trojan
« Reply #7 on: January 08, 2013, 10:40:12 AM »
i generally use MalwareBytes
i also have AdAware installed, which i normally keep disabled
i have found recent versions of it to be surprisingly good

Magnum

  • Member
  • *****
  • Posts: 2235
Re: Trojan
« Reply #8 on: January 08, 2013, 06:26:58 PM »
The Microsoft anti-virus programs are pretty good and I am currently using theirs.

But some of them are a little too trigger happy, but better than most others.

You can usually tell them to ignore specific programs or you can temporarily stop real time protection while you run or test your program.

M.S. Front End Protection is too cautious, but M.S. Security Essentials is pretty good at not "freaking out" when some programs are run.

Good luck,
                   Andy  :t




Take care,
                   Andy

Ubuntu-mate-16.04-desktop-amd64

http://www.goodnewsnetwork.org

sinsi

  • Member
  • ****
  • Posts: 996
Re: Trojan
« Reply #9 on: January 08, 2013, 07:15:54 PM »
In my job I get asked about AVs all the time.

I sell AVG.
I make 20% commission.
I have sold one copy in over two years.

This is because I steer people away from it (hope work don't read this  :biggrin:).
Every computer I disinfect gets MSE and Malwarebytes on it and a lot of them buy Malwarebytes after the trial.

Crap AVs include AVG, McAfee, Norton, Trend, even Kaspersky is going downhill recently.
I can walk on water but stagger on beer.

Gunther

  • Member
  • *****
  • Posts: 3515
  • Forgive your enemies, but never forget their names
Re: Trojan
« Reply #10 on: January 08, 2013, 09:26:24 PM »
Hi sinsi,

Crap AVs include AVG, McAfee, Norton, Trend, even Kaspersky is going downhill recently.

I hope so.

Gunther
Get your facts first, and then you can distort them.

hutch--

  • Administrator
  • Member
  • ******
  • Posts: 4813
  • Mnemonic Driven API Grinder
    • The MASM32 SDK
Re: Trojan
« Reply #11 on: January 09, 2013, 08:25:40 AM »
I have moved the double post back to where it should be and remind the new member that it is of nuisance value to double post. The topic was not missed the first time and the mistaken conviction that someone using a freeware piece of junk has anything to tell us is also short of the facts.

The download site for the MASM32 SDK has a detailed section on installation which has been put there for a reason, particularly for inexperienced users so that they do not clutter the forum with questions that have already been answered.
hutch at movsd dot com
http://www.masm32.com    :biggrin:  :biggrin: