Why I had to stop using PureBasic
Re: Why I had to stop using PureBasic
As much as we'd all like to find a solution to this frustrating issue, I'm not sure it's worth wasting more time and energy on this.
Let's keep in mind that:
1- we're up against huge and lazy corporations with almost unlimited resources (AV companies)
2- this is in no way specific to PB: even some well-known, digitally signed EXEs have this issue. Examples:
NOTEPAD++
https://www.virustotal.com/en/file/0cc2 ... /analysis/
WINSCP
https://www.virustotal.com/en/file/2a1e ... /analysis/
GOOGLE UPDATE
https://www.virustotal.com/en/file/f1f6 ... /analysis/
As such, I came to the conclusion there is no magic solution to this problem and I have stopped worrying about it.
Let's keep in mind that:
1- we're up against huge and lazy corporations with almost unlimited resources (AV companies)
2- this is in no way specific to PB: even some well-known, digitally signed EXEs have this issue. Examples:
NOTEPAD++
https://www.virustotal.com/en/file/0cc2 ... /analysis/
WINSCP
https://www.virustotal.com/en/file/2a1e ... /analysis/
GOOGLE UPDATE
https://www.virustotal.com/en/file/f1f6 ... /analysis/
As such, I came to the conclusion there is no magic solution to this problem and I have stopped worrying about it.
Last edited by firace on Sat Jan 27, 2018 10:53 am, edited 1 time in total.
Re: Why I had to stop using PureBasic
I don't think 'Neil Hodgson' is anywhere in the exe. I think it's the compiler/packer signature that is somehow related to 'Neil Hodgson'.Dude wrote:Also, his name appears literally nowhere in the ASM source for my exe, so why would it be found by a scanner?
https://www.hybrid-analysis.com wrote: Informative 1
Unusual Characteristics
Matched Compiler/Packer signature
details
"a5e37dde2d2c96f8e842957d32479d5ea1cec7416a6196ec2c5f172986f4fb73.exe.bin" was detected as "PureBasic 4.x -> Neil Hodgson"
source
Static Parser
relevance
10/10
sorry for my bad english
Re: Why I had to stop using PureBasic
I understand, but I'm of the opinion that there must be a way to encrypt or hide the Neil Hodgson signature, because it's going to cause false positives for every PureBasic exe in future until it's hidden or changed. Obviously some asshat has released malware that was built with PureBasic v4.x and we're all suffering for it to this day.firace wrote:I'm not sure it's worth wasting more time and energy on this
Re: Why I had to stop using PureBasic
Ancient tricks against detection still work and probably always will, however i dont see a point infirace wrote:As much as we'd all like to find a solution to this frustrating issue, I'm not sure it's worth wasting more time and energy on this.
...
giving incompetent fraud companies any leadway for using flawed algorithms.
Half baked success combating skiddie malware should not impress anyone.
AVs always fail to detect sophisticated malware in a meaningful timeframe.
Btw. why would u give such a company root access to your computer?
They hook functions and see what programs u use, scan ur directories
ur contacts, ur browser history, cookies... among many other things...
Ofc. they just phone home for updates, logs are for statistics only...
I mean...
Re: Why I had to stop using PureBasic
I think, its right what Mijikai mean
The OS should take care of it, then there are no more incompatibilities
The Windows defender is the right approach in my opinion
I no longer get an AV from a third-party vendor on my computer
The OS should take care of it, then there are no more incompatibilities
The Windows defender is the right approach in my opinion
I no longer get an AV from a third-party vendor on my computer
Re: Why I had to stop using PureBasic
Hmm, you may be onto something here. Since Windows Defender is the only official virus-scanner for Windows, then any other virus products could be considered "cheating" to make their products look better. I'll put this in my docs and FAQ for users to consider.walbus wrote:The Windows defender is the right approach in my opinion
- Psychophanta
- Addict
- Posts: 4997
- Joined: Wed Jun 11, 2003 9:33 pm
- Location: Lípetsk, Russian Federation
- Contact:
Re: Why I had to stop using PureBasic
Indeed; one of the problems is anti-virus are virus itselves.
http://www.zeitgeistmovie.com
While world=business:world+mafia:Wend
Will never leave this forum until the absolute bugfree PB
While world=business:world+mafia:Wend
Will never leave this forum until the absolute bugfree PB
Re: Why I had to stop using PureBasic
I am a old Blitz3D user. And had never any problem using AVG. Now i have PB and i had to exclude file after file.
But last time i had a good one. AVG put himself in quaretine. Its contained win32 and so on malware. I like that.
There is a way to get everything right. Come together and file a claim to the AV companies. They a starting to discriminate us small programmers.
The use of C or C++ is to hard for me and PB give that what i need to make things i wanted.
I already put a claim to AVG that is they not change the files i lose income becaus of that. And that lose of income i will claim that back by them including the hiring of a real programmer because they try to exclude me from the game marked.
And if we do that all as one big group then the AV group wil listen to us.
Bart.
But last time i had a good one. AVG put himself in quaretine. Its contained win32 and so on malware. I like that.
There is a way to get everything right. Come together and file a claim to the AV companies. They a starting to discriminate us small programmers.
The use of C or C++ is to hard for me and PB give that what i need to make things i wanted.
I already put a claim to AVG that is they not change the files i lose income becaus of that. And that lose of income i will claim that back by them including the hiring of a real programmer because they try to exclude me from the game marked.
And if we do that all as one big group then the AV group wil listen to us.
Bart.
From my first self made computer till now I stil like computers.
Re: Why I had to stop using PureBasic
That's the only thing that would work: a class action lawsuit by small devs against the anti-virus companies for libelously (falsely) flagging our products as malicious. Unfortunately, that still takes big money to do, which most of us don't have.bfernhout wrote:if we do that all as one big group then the AV group wil listen to us.
Re: Why I had to stop using PureBasic
Or you simply switch to a product which regularly has high ratings and flawlessly works with PureBasic - Kaspersky Internet Security. Vote with your money and solve the problem instantly.Dude wrote:That's the only thing that would work: a class action lawsuit by small devs against the anti-virus companies for libelously (falsely) flagging our products as malicious. Unfortunately, that still takes big money to do, which most of us don't have.bfernhout wrote:if we do that all as one big group then the AV group wil listen to us.
Made much more sense to me and i was able to focus on my work and not on trying to make other companies products useable in a lenghty and expensive struggle. At some point, the other companies might even notice that KIS got our money instead of them and KIS is regularly among the top-5 solutions for the job
Re: Why I had to stop using PureBasic
That won't solve anything at all, because your customers will still be using their own AV products, which will still falsely flag your programs as malicious. You can't use KIS and stick your head in the sand and think that everything's okay.Bitblazer wrote:Or you simply switch to a product which regularly has high ratings and flawlessly works with PureBasic - Kaspersky Internet Security
Re: Why I had to stop using PureBasic
I never claimed everything is "ok". I just mentioned what works for development.Dude wrote:That won't solve anything at all, because your customers will still be using their own AV products, which will still falsely flag your programs as malicious. You can't use KIS and stick your head in the sand and think that everything's okay.Bitblazer wrote:Or you simply switch to a product which regularly has high ratings and flawlessly works with PureBasic - Kaspersky Internet Security
No matter what you try, you wont be able to fix other peoples crappy products or talk them into actually fixing them. Sure you can try and some even react, but you will waste plenty of energy and i prefer to focus my energy on making my products better, not theirs. Its a bad situation, but that's how an open market can be. Once you have a large user base, the pressure will be on the sloppy AV companies. I will deal with the multitude of crappy AV products once i need to, even if it means to tell 2% of potential customers that their av products are crap and offering them a better solution.
I worry about the 98% of the customers, not about the 2% left behind for all kind of obscure reasons. Makes more sense to me or do you worry about the 2% potential customers you cant reach because they only have a HURD or Amoeba operating system and refuse to change?
Re: Why I had to stop using PureBasic
Okay, but I also was just pointing out that development doesn't matter. What your users see, is all that matters.Bitblazer wrote:I never claimed everything is "ok". I just mentioned what works for development.
Re: Why I had to stop using PureBasic
Maybe we should just create a C# .NET based wrapper which executes an X86/X64 binary program from memory plus a PB tool which puts arbitrary binaries into the wrapper
https://stackoverflow.com/questions/355 ... rom-memory
https://stackoverflow.com/questions/355 ... rom-memory
Re: Why I had to stop using PureBasic
Using *.NET... i hope ur kidding.Bitblazer wrote:Maybe we should just create a C# .NET based wrapper which executes an X86/X64 binary program from memory plus a PB tool which puts arbitrary binaries into the wrapper
https://stackoverflow.com/questions/355 ... rom-memory
Besides it would not help much - especially if this 'tool' goes public.
Also adding more bloat to a already bloated mess...
I suggest one of these:
- educate customers (be a teacher)
- work with AVs (be crazy)
- buy a cert (be lazy)
- read some ancient vx papers (be a scientist)