tinycc-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Tinycc-devel] AVAST

From: Carlos Montiers
Subject: Re: [Tinycc-devel] AVAST
Date: Wed, 13 Nov 2013 15:56:20 -0300
I don't know. But maybe the detection is because a specific function, for example: CreateRemoteThread or LockResource. Or maybe is some sign in the pe file. I remember a executable with this problem. I solve it modify tccpe.c for use "This program must be run under Win32" instead "This program cannot be run in DOS mode" or moving the pe header from the offset 128 to offset 512.

Or because something is missing: For example, I added this foo function in some executables for avoid a false detection:

/*
  This function is never called.
  Is used for avoid AntiVir false detection: TR/Crypt.XPACK.Gen
*/
void nothing(void)
{
    ExitProcess(0);
}

You have the dll for try found the cause of the detection?



2013/11/12 Rene Grothmann <address@hidden>
It seems AVAST is reporting a virus in DLLs generated with the Windows versions of tcc (both 32-bit and 64-bit). I will contact AVAST with one specific DLL to remove this issue. But is there any other method of changing the signature of the generated DLLs so that there is no false alarm?

R.G.

_______________________________________________
Tinycc-devel mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/tinycc-devel


reply via email to
[Prev in Thread] Current Thread [Next in Thread]