当前位置: 动力学知识库 > 问答 > 编程问答 >

windows - win32 PE encryptor = antivirus false positive

问题描述:

I'm trying to protect my programs against cracking and reverse engineering.

I wrote programs in C++ (Visual Studio 2010) and I also wrote easy encryption algorithms in assembler. Algorithm is added to EXE file and make it harder to cracking, because is loaded before main program. This wasn't hard job.

But... now, I have a lot of false positives cca 50% on virustotal.com. I have also same problem when I'm trying use only upx packer :( ...Every time. I modified algorithms many times but without success.

Can you help me someone, please?

Thank you.

网友答案:

A new project called the Taggant is being developed (done now). This embeds a signed marker into the file that identifies the licensee of the packer, as well as the packer vendor. This will help to alleviate false positives, once it is done. Right now we are waiting for the CA agreement to be finalized, then for everyone to implement it (on both sides), so it will be a while.

To get any REAL action taken, you must join this group. If you are a legitimate vendor, I can help you join, but you must be a legitimate vendor. If this is to protect your malware or cracks, then obviously they wouldn't qualify you.

In the meantime, you can report false positives (or find where to report them) at the site dedicated to such - http://falsepositivereport.org

You can also MAKE SURE your files are Digitally Signed after compression/protection. The history of your digital cert will say a lot about how likely false positives might be.

分享给朋友:
您可能感兴趣的文章:
随机阅读: