Back to home page

DOS ain't dead

Forum index page

Log in | Register

Back to the forum
Board view  Mix view

Smaller C compiler (Announce)

posted by alexfru(R), USA, 27.11.2017, 03:10

> > MacOS executables. Do those engines not check those other formats at
> all?
> > Or are there too few viruses for Linux and MacOS?
>
> I highly doubt they do scan (much, if at all) other formats for other OSes.
> It's mostly a Windows problem.
>
> Though "Reanalyze" shows ClamAV reporting "Osx.Malware.Agent-6370979-0".
> (Maybe I missed that before!)

I too did.

> >> Avast is still there with its suspicions.
> >
> > Found this: Report a false detection. Submitted the project URL.
> > We'll see what happens.
>
> I already reported the .ZIP to them, but maybe you think the URL would be
> more obvious?

Dunno. Just gave them the URL for the zip on github. They couldn't just scan by the project URL (can't traverse HTML?).

> Anyways, it now says "Avast : Clean" (on VirusTotal), but you're still
> getting 33/60 other false positives (most saying "generic", ugh).
>
> Obviously you don't need my advice, but couldn't you split the Win32 .EXEs
> in half or something? Just make the end user recombine them. Heck, nop out
> the entire PE header, and add a plain text script to somehow recombine it.
> Heck, just .ZIP encrypt binw*.exe (like Japheth had to do with HX) with the
> password being (I don't know) "password". Put the password in the .ZIP
> comment (and/or readme), for full transparency.
>
> Or not, I'm sure you don't need my ideas.

How about the two MZ chars stripped? Here's the link to download the project from the new experimental branch av. Follow the simple instructions in binw/combine.txt.

 

Complete thread:

Back to the forum
Board view  Mix view
15191 Postings in 1365 Threads, 250 registered users, 16 users online (0 registered, 16 guests)
DOS ain't dead | Admin contact
RSS Feed
powered by my little forum