Recently, I have written several commercial software programs with false positives and viruses. Kabbah and rising all reported that (Kingsoft and QQ computer manager did not talk about it, and spam fighters ).
I thought it was because of shell compression at first, but I thought it was wrong later. UPX is not a high-end shell. How can it be killed? Nowadays, anti-virus software is completely shelled by virtual machine technology, so it is easy to remove UPX. Why is Kingsoft and QQ Computer Manager rubbish? Because they don't care about youCodeWhat is written, even if it is an emptyProgramAs long as the shell is installed, the virus is reported. who developed the so-called security software? It means no brains are required for anti-virus attacks. Look at the shell directly! Yes! I admit that many Trojans like shelling to reduce the size, but can't formal software be shelling to reduce the size? The purpose of compression is to make the client download and update faster. Is this illegal?
After a period of analysis on the code, no root cause is found. However, when I recently wrote a new project, I found that every time I write a project, I will compile anti-virus once. The result is depressing. Don't be surprised !!! (Please be prepared)
Cause of virus reporting !!!!!!!! Because the copyright information and version information you insert into the software.
To prove my idea, I removed all the three commercial software that had been reported to be poisoned from copyright and version information and re-compiled the results ....... All of them passed! (Of course, the two spam will not be mentioned, and the brain is broken .)
I really cannot figure out why the virus will be reported after the copyright and version information is inserted...
However, I have to store the copyright and version information using string resource constants. This is a temporary helpless solution. What should I do! Who makes us not the boss!
I hope that my friends who have encountered the same problems will be able to avoid detours. It is a huge project to troubleshoot the suspicious code in tens of thousands of lines of code! Despise the current technical standards of many anti-virus software. If you do not write it, do not write it!