The MASM Forum

Projects => MASM32 => AV Software sh*t list => Topic started by: jayanthd on December 30, 2012, 06:44:28 AM

Title: Trojan
Post by: jayanthd on December 30, 2012, 06:44:28 AM
Hello!

I installed MASM3211. I opened masm32 folder and my avg antivirus tells that dlgmake.exe is infected with some trojan. What should I do? Can I get a clean version of dlgmake.exe?
Title: Re: Trojan
Post by: jj2007 on December 30, 2012, 06:51:04 AM
You do have a clean version of dlgmake.exe, provided you downloaded the archive from this site.
If an AV software has no patterns stored for a specific executable, it uses "heuristic" scanners which shout foul when they encounter things that are not so common in boring standard software compiled with standard C compilers. For example, a simple pushad/popad sequence may look suspicious to a heuristic scanner.

So forget the warnings, and enjoy the Masm32 package. The last dozen years or so, it has been absolutely safe. By the way, welcome to the Forum :icon14:
Title: Re: Trojan
Post by: Vortex on December 30, 2012, 08:02:19 AM
Hi jayanthd,

Welcome to the forum.

As Jochen said, that warning is a false positive. You can ignore it.
Title: Re: Trojan
Post by: Magnum on December 30, 2012, 08:57:19 AM
Some anti virus programs let you turn off heuristic scanning.

My experience is that heuristic scanning is too trigger happy.  :biggrin:
Title: Re: Trojan
Post by: Gunther on December 30, 2012, 09:18:14 AM
Hi jayanthd,

welcome to the forum and ignore the false positive. Have a lot of fun.

Gunther
Title: Re: Trojan
Post by: jayanthd on January 08, 2013, 04:57:28 AM
See my other thread. My AVG doesn't show heur.something in the detection it shows the name of the trojans.

http://masm32.com/board/index.php?topic=1241.0
Title: Re: Trojan
Post by: hutch-- on January 08, 2013, 10:24:33 AM
jayanthd,

The problem is you are trusting an AV scanner that is known to be unreliable and that regularly delivers false positives on executable files that are completely safe. You may not be familiar with the technology but Microsoft design the "Portable Executable" specification for 32 bit Windows executables, not a low end AV company that does not appear to fully understand the operating system vendor's specification.

If you must use an AV scanner, look for the highly reliable ones from Microsoft, Eset and Kaspersky, not freeware junk on the internet. As long as you have a legitimate copy of Windows you can get the Microsoft version at no cost, why mess around with unreliable junk ?
Title: Re: Trojan
Post by: dedndave on January 08, 2013, 10:40:12 AM
i generally use MalwareBytes
i also have AdAware installed, which i normally keep disabled
i have found recent versions of it to be surprisingly good
Title: Re: Trojan
Post by: Magnum on January 08, 2013, 06:26:58 PM
The Microsoft anti-virus programs are pretty good and I am currently using theirs.

But some of them are a little too trigger happy, but better than most others.

You can usually tell them to ignore specific programs or you can temporarily stop real time protection while you run or test your program.

M.S. Front End Protection is too cautious, but M.S. Security Essentials is pretty good at not "freaking out" when some programs are run.

Good luck,
                   Andy  :t




Title: Re: Trojan
Post by: sinsi on January 08, 2013, 07:15:54 PM
In my job I get asked about AVs all the time.

I sell AVG.
I make 20% commission.
I have sold one copy in over two years.

This is because I steer people away from it (hope work don't read this  :biggrin:).
Every computer I disinfect gets MSE and Malwarebytes on it and a lot of them buy Malwarebytes after the trial.

Crap AVs include AVG, McAfee, Norton, Trend, even Kaspersky is going downhill recently.
Title: Re: Trojan
Post by: Gunther on January 08, 2013, 09:26:24 PM
Hi sinsi,

Crap AVs include AVG, McAfee, Norton, Trend, even Kaspersky is going downhill recently.

I hope so.

Gunther
Title: Re: Trojan
Post by: hutch-- on January 09, 2013, 08:25:40 AM
I have moved the double post back to where it should be and remind the new member that it is of nuisance value to double post. The topic was not missed the first time and the mistaken conviction that someone using a freeware piece of junk has anything to tell us is also short of the facts.

The download site for the MASM32 SDK has a detailed section on installation which has been put there for a reason, particularly for inexperienced users so that they do not clutter the forum with questions that have already been answered.