| OSDev.org https://forum.osdev.org/ |
|
| How to get MS off your back (in 2 easy steps) https://forum.osdev.org/viewtopic.php?f=13&t=35549 |
Page 1 of 1 |
| Author: | mikegonta [ Fri Oct 18, 2019 4:30 pm ] |
| Post subject: | How to get MS off your back (in 2 easy steps) |
alexfru wrote: Somehow virustotal's minions dislike my compiler's output. Apparently MS is too smart for their own good.I submitted a file to VirusTotal (one that I know is good - it's my favorite assembler) - 3 of 69 don't like it (one of them is MS). Of course, Windows Security knows that the file is OK, however VirusTotal wrote: May differ from commercial off-the-shelf product. The company decides the particular settings with which the engine should run in VirusTotal. I then edit the source and make only one minor insignificant change (I change the case of a single letter in the DOS header string - you knowthe one that goes "This program cannot be run in DOS mode." and re-assemble it so that the hash is different. I submit this different but same executable. This time there are only 2 of 69 haters and MS loves it. So what happens next? That's right, I resubmit the original file and click on the reanalyze icon. MS saw the same-different-same file twice and deduced or some such thing that the file must be OK. You gotta love* MS. Hurry, this special event won't last long! *OK, so you don't love MS, but at least MS loves your file. |
|
| Author: | StudlyCaps [ Fri Oct 18, 2019 7:53 pm ] |
| Post subject: | Re: How to get MS off your back (in 2 easy steps) |
Could it be something as simple as a hash collision in MS's definitions DB? Either way pretty irritating. |
|
| Page 1 of 1 | All times are UTC - 6 hours |
| Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |
|