Page 10 of 11

Re: Why I had to stop using PureBasic

Posted: Sat Jan 27, 2018 10:37 am
by firace
As much as we'd all like to find a solution to this frustrating issue, I'm not sure it's worth wasting more time and energy on this.


Let's keep in mind that:

1- we're up against huge and lazy corporations with almost unlimited resources (AV companies)

2- this is in no way specific to PB: even some well-known, digitally signed EXEs have this issue. Examples:

NOTEPAD++
https://www.virustotal.com/en/file/0cc2 ... /analysis/

WINSCP
https://www.virustotal.com/en/file/2a1e ... /analysis/

GOOGLE UPDATE
https://www.virustotal.com/en/file/f1f6 ... /analysis/


As such, I came to the conclusion there is no magic solution to this problem and I have stopped worrying about it.

Re: Why I had to stop using PureBasic

Posted: Sat Jan 27, 2018 10:47 am
by Josh
Dude wrote:Also, his name appears literally nowhere in the ASM source for my exe, so why would it be found by a scanner?
I don't think 'Neil Hodgson' is anywhere in the exe. I think it's the compiler/packer signature that is somehow related to 'Neil Hodgson'.
https://www.hybrid-analysis.com wrote: Informative 1
Unusual Characteristics
Matched Compiler/Packer signature
details
"a5e37dde2d2c96f8e842957d32479d5ea1cec7416a6196ec2c5f172986f4fb73.exe.bin" was detected as "PureBasic 4.x -> Neil Hodgson"
source
Static Parser
relevance
10/10

Re: Why I had to stop using PureBasic

Posted: Sat Jan 27, 2018 11:14 am
by Dude
firace wrote:I'm not sure it's worth wasting more time and energy on this
I understand, but I'm of the opinion that there must be a way to encrypt or hide the Neil Hodgson signature, because it's going to cause false positives for every PureBasic exe in future until it's hidden or changed. Obviously some asshat has released malware that was built with PureBasic v4.x and we're all suffering for it to this day. :evil:

Re: Why I had to stop using PureBasic

Posted: Sat Jan 27, 2018 11:48 am
by Mijikai
firace wrote:As much as we'd all like to find a solution to this frustrating issue, I'm not sure it's worth wasting more time and energy on this.

...
Ancient tricks against detection still work and probably always will, however i dont see a point in
giving incompetent fraud companies any leadway for using flawed algorithms.

Half baked success combating skiddie malware should not impress anyone.
AVs always fail to detect sophisticated malware in a meaningful timeframe.

Btw. why would u give such a company root access to your computer?
They hook functions and see what programs u use, scan ur directories
ur contacts, ur browser history, cookies... among many other things...
Ofc. they just phone home for updates, logs are for statistics only...

I mean...

Re: Why I had to stop using PureBasic

Posted: Sat Jan 27, 2018 12:33 pm
by walbus
I think, its right what Mijikai mean
The OS should take care of it, then there are no more incompatibilities
The Windows defender is the right approach in my opinion
I no longer get an AV from a third-party vendor on my computer

Re: Why I had to stop using PureBasic

Posted: Sat Jan 27, 2018 12:39 pm
by Dude
walbus wrote:The Windows defender is the right approach in my opinion
Hmm, you may be onto something here. Since Windows Defender is the only official virus-scanner for Windows, then any other virus products could be considered "cheating" to make their products look better. I'll put this in my docs and FAQ for users to consider. ;)

Re: Why I had to stop using PureBasic

Posted: Sun Feb 11, 2018 1:55 am
by Psychophanta
Indeed; one of the problems is anti-virus are virus itselves.

Re: Why I had to stop using PureBasic

Posted: Fri Mar 02, 2018 7:50 pm
by bfernhout
I am a old Blitz3D user. And had never any problem using AVG. Now i have PB and i had to exclude file after file.
But last time i had a good one. AVG put himself in quaretine. Its contained win32 and so on malware. I like that.
There is a way to get everything right. Come together and file a claim to the AV companies. They a starting to discriminate us small programmers.
The use of C or C++ is to hard for me and PB give that what i need to make things i wanted.

I already put a claim to AVG that is they not change the files i lose income becaus of that. And that lose of income i will claim that back by them including the hiring of a real programmer because they try to exclude me from the game marked.

And if we do that all as one big group then the AV group wil listen to us.

Bart.

Re: Why I had to stop using PureBasic

Posted: Sat Mar 03, 2018 2:28 am
by Dude
bfernhout wrote:if we do that all as one big group then the AV group wil listen to us.
That's the only thing that would work: a class action lawsuit by small devs against the anti-virus companies for libelously (falsely) flagging our products as malicious. Unfortunately, that still takes big money to do, which most of us don't have. :(

Re: Why I had to stop using PureBasic

Posted: Sat Mar 03, 2018 5:24 am
by Bitblazer
Dude wrote:
bfernhout wrote:if we do that all as one big group then the AV group wil listen to us.
That's the only thing that would work: a class action lawsuit by small devs against the anti-virus companies for libelously (falsely) flagging our products as malicious. Unfortunately, that still takes big money to do, which most of us don't have. :(
Or you simply switch to a product which regularly has high ratings and flawlessly works with PureBasic - Kaspersky Internet Security. Vote with your money and solve the problem instantly.

Made much more sense to me and i was able to focus on my work and not on trying to make other companies products useable in a lenghty and expensive struggle. At some point, the other companies might even notice that KIS got our money instead of them and KIS is regularly among the top-5 solutions for the job

Re: Why I had to stop using PureBasic

Posted: Sat Mar 03, 2018 5:50 am
by Dude
Bitblazer wrote:Or you simply switch to a product which regularly has high ratings and flawlessly works with PureBasic - Kaspersky Internet Security
That won't solve anything at all, because your customers will still be using their own AV products, which will still falsely flag your programs as malicious. You can't use KIS and stick your head in the sand and think that everything's okay. :shock:

Re: Why I had to stop using PureBasic

Posted: Sat Mar 03, 2018 7:56 am
by Bitblazer
Dude wrote:
Bitblazer wrote:Or you simply switch to a product which regularly has high ratings and flawlessly works with PureBasic - Kaspersky Internet Security
That won't solve anything at all, because your customers will still be using their own AV products, which will still falsely flag your programs as malicious. You can't use KIS and stick your head in the sand and think that everything's okay. :shock:
I never claimed everything is "ok". I just mentioned what works for development.

No matter what you try, you wont be able to fix other peoples crappy products or talk them into actually fixing them. Sure you can try and some even react, but you will waste plenty of energy and i prefer to focus my energy on making my products better, not theirs. Its a bad situation, but that's how an open market can be. Once you have a large user base, the pressure will be on the sloppy AV companies. I will deal with the multitude of crappy AV products once i need to, even if it means to tell 2% of potential customers that their av products are crap and offering them a better solution.

I worry about the 98% of the customers, not about the 2% left behind for all kind of obscure reasons. Makes more sense to me or do you worry about the 2% potential customers you cant reach because they only have a HURD or Amoeba operating system and refuse to change?

Re: Why I had to stop using PureBasic

Posted: Sat Mar 03, 2018 8:16 am
by Dude
Bitblazer wrote:I never claimed everything is "ok". I just mentioned what works for development.
Okay, but I also was just pointing out that development doesn't matter. What your users see, is all that matters.

Re: Why I had to stop using PureBasic

Posted: Sat Mar 03, 2018 10:31 am
by Bitblazer
Maybe we should just create a C# .NET based wrapper which executes an X86/X64 binary program from memory plus a PB tool which puts arbitrary binaries into the wrapper ;)

https://stackoverflow.com/questions/355 ... rom-memory

Re: Why I had to stop using PureBasic

Posted: Sat Mar 03, 2018 11:16 am
by Mijikai
Bitblazer wrote:Maybe we should just create a C# .NET based wrapper which executes an X86/X64 binary program from memory plus a PB tool which puts arbitrary binaries into the wrapper ;)

https://stackoverflow.com/questions/355 ... rom-memory
Using *.NET... i hope ur kidding.
Besides it would not help much - especially if this 'tool' goes public.
Also adding more bloat to a already bloated mess...

I suggest one of these:
- educate customers (be a teacher)
- work with AVs (be crazy)
- buy a cert (be lazy)
- read some ancient vx papers (be a scientist)