Posts: 2020
Threads: 133
Joined: July 26, 2017
Reputation:
5
Windows defender has, once again, incorrectly identified my program as malware!
February 20, 2024 at 9:48 am
Yesterday, I ported my solution of the N Queens Puzzle from the WebAssembly dialect of AEC (which I wrote back in 2021) to the x86 dialect of AEC. And Windows Defender complains that the executable is malware known as "Program:Win32/Wacapew.C!ml". That's implausible, as Wacapew.C!ml is a Trojan, and not a virus which can infect other executable files.
This is not the first that has happened to me. Back in 2020, Windows Defender claimed that my "100 Bottles of Beer" program written in x86 dialect of AEC is a Trojan and that my Polar Rose program is a PUS. I submitted those files to Microsoft, and they agreed with me that it is a false positive.
I must admit I don't understand how that's even possible. I'd understand if my compiler gets misidentified as a virus, as some viruses (especially on Linux) output assembly code and invoke assemblers, and my compiler also outputs assembly and invokes assemblers. I understand that encryption software sometimes gets misidentified as ransomware, as ransomware also do encryption. But I don't understand how can such simple software that essentially does nothing get misidentified as malware. How do antivirus programs even work? What do they look for so that small example programs written in my programming language look suspicious to them?
And why aren't the producers of antivirus software held liable for the damage their software causes via false positives?
Posts: 6112
Threads: 53
Joined: September 25, 2018
Reputation:
20
RE: Windows defender has, once again, incorrectly identified my program as malware!
February 20, 2024 at 9:54 am
Maybe it's referring to the user.
Posts: 46406
Threads: 540
Joined: July 24, 2013
Reputation:
109
RE: Windows defender has, once again, incorrectly identified my program as malware!
February 20, 2024 at 11:15 am
(February 20, 2024 at 9:48 am)FlatAssembler Wrote: Yesterday, I ported my solution of the N Queens Puzzle from the WebAssembly dialect of AEC (which I wrote back in 2021) to the x86 dialect of AEC. And Windows Defender complains that the executable is malware known as "Program:Win32/Wacapew.C!ml". That's implausible, as Wacapew.C!ml is a Trojan, and not a virus which can infect other executable files.
This is not the first that has happened to me. Back in 2020, Windows Defender claimed that my "100 Bottles of Beer" program written in x86 dialect of AEC is a Trojan and that my Polar Rose program is a PUS. I submitted those files to Microsoft, and they agreed with me that it is a false positive.
I must admit I don't understand how that's even possible. I'd understand if my compiler gets misidentified as a virus, as some viruses (especially on Linux) output assembly code and invoke assemblers, and my compiler also outputs assembly and invokes assemblers. I understand that encryption software sometimes gets misidentified as ransomware, as ransomware also do encryption. But I don't understand how can such simple software that essentially does nothing get misidentified as malware. How do antivirus programs even work? What do they look for so that small example programs written in my programming language look suspicious to them?
And why aren't the producers of antivirus software held liable for the damage their software causes via false positives?
What are we supposed to do with this information?
Boru
‘I can’t be having with this.’ - Esmeralda Weatherwax
Posts: 23189
Threads: 26
Joined: February 2, 2010
Reputation:
106
RE: Windows defender has, once again, incorrectly identified my program as malware!
February 20, 2024 at 11:31 am
Why write lines that essentially do nothing, by your own admission?
Posts: 3461
Threads: 25
Joined: August 9, 2015
Reputation:
27
RE: Windows defender has, once again, incorrectly identified my program as malware!
February 20, 2024 at 11:33 am
FA you avoided a thread that was made just for you.
"For the only way to eternal glory is a life lived in service of our Lord, FSM; Verily it is FSM who is the perfect being the name higher than all names, king of all kings and will bestow upon us all, one day, The great reclaiming" -The Prophet Boiardi-
Conservative trigger warning.
Posts: 29828
Threads: 116
Joined: February 22, 2011
Reputation:
159
RE: Windows defender has, once again, incorrectly identified my program as malware!
February 20, 2024 at 11:35 am
Posts: 28417
Threads: 524
Joined: June 16, 2015
Reputation:
90
RE: Windows defender has, once again, incorrectly identified my program as malware!
February 20, 2024 at 2:37 pm
(This post was last modified: February 20, 2024 at 2:38 pm by brewer.)
Why are you creating 'software that essentially does nothing'?
Please tell us you're not in cyber security.
Being told you're delusional does not necessarily mean you're mental.
Posts: 16586
Threads: 128
Joined: July 10, 2013
Reputation:
65
RE: Windows defender has, once again, incorrectly identified my program as malware!
February 20, 2024 at 3:12 pm
Malware doesn't exist.
Posts: 46406
Threads: 540
Joined: July 24, 2013
Reputation:
109
RE: Windows defender has, once again, incorrectly identified my program as malware!
February 20, 2024 at 3:17 pm
(February 20, 2024 at 3:12 pm)arewethereyet Wrote: Malware doesn't exist.
That’s a fair point. Malware can’t exist because it would violate Karl Popper’s ‘Principle Of Shit Flat Assembler Doesn't Understand’.
Boru
‘I can’t be having with this.’ - Esmeralda Weatherwax
Posts: 8270
Threads: 40
Joined: March 18, 2014
Reputation:
54
RE: Windows defender has, once again, incorrectly identified my program as malware!
February 20, 2024 at 8:46 pm
(February 20, 2024 at 9:48 am)FlatAssembler Wrote: Yesterday, I ported my solution of the N Queens Puzzle from the WebAssembly dialect of AEC (which I wrote back in 2021) to the x86 dialect of AEC. And Windows Defender complains that the executable is malware known as "Program:Win32/Wacapew.C!ml". That's implausible, as Wacapew.C!ml is a Trojan, and not a virus which can infect other executable files.
This is not the first that has happened to me. Back in 2020, Windows Defender claimed that my "100 Bottles of Beer" program written in x86 dialect of AEC is a Trojan and that my Polar Rose program is a PUS. I submitted those files to Microsoft, and they agreed with me that it is a false positive.
I must admit I don't understand how that's even possible. I'd understand if my compiler gets misidentified as a virus, as some viruses (especially on Linux) output assembly code and invoke assemblers, and my compiler also outputs assembly and invokes assemblers. I understand that encryption software sometimes gets misidentified as ransomware, as ransomware also do encryption. But I don't understand how can such simple software that essentially does nothing get misidentified as malware. How do antivirus programs even work? What do they look for so that small example programs written in my programming language look suspicious to them?
And why aren't the producers of antivirus software held liable for the damage their software causes via false positives?
Ima just leave this here:
Thief and assassin for hire. Member in good standing of the Rogues Guild.
|