Recent

Author Topic: BitDefender doesn't like Lazarus 2.0  (Read 7159 times)

dbaxter

  • New Member
  • *
  • Posts: 13
BitDefender doesn't like Lazarus 2.0
« on: October 02, 2018, 04:47:42 am »
Installed the release candidate for 2.0 and BitDefender deleted it:
"The file d:\lazarus2.0\startlazarus.exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean."

Now I would expect this is a false positive, so do you folks have a contact at BitDefender, or is it up to us users to alert them?

wp

  • Hero Member
  • *****
  • Posts: 11855
Re: BitDefender doesn't like Lazarus 2.0
« Reply #1 on: October 02, 2018, 09:11:16 am »
AFAIK there is nobody among the devs who has special contacts to antivirus companies. Please report it yourself.

I once had BitDefender, too, but gave it up when they introduced some "intelligence" feature which deleted fpc and several related utilities. I had tried to report it, but the process to create a proper report was very complicated. Therefore I replaced BitDefender by Windows Defender.

The least thing that you must do with any antivirus: Put the Lazarus and your project folder incl all subfolders on the white-list of the scanner. But BitDefender was even ignoring that.

Thaddy

  • Hero Member
  • *****
  • Posts: 14201
  • Probably until I exterminate Putin.
Re: BitDefender doesn't like Lazarus 2.0
« Reply #2 on: October 02, 2018, 09:49:22 am »
Usually such companies (except the brainless ones) correct such false positives very quickly provided:
- a good but short description
- exact OS, compiler version etc.
- links on how to obtain the compiler(s) from the official website. (no fpcdeluxe here, because it has indirection)

The more concise, but detailed your report is, the quicker they will fix it.
We used to have many problems with KOL, most of it was corrected by most companies after I explained in detail that they were fingerprinting a framework instead of fingerprinting true malware. (Which admittedly KOL used to be used for a lot.)
The lazy ones just fingerprint the major compilers, e.g. from GNU, Microsoft, Intel and AMD.
Note it also helps if you mention that fingerprinting those is not "heuristics" which they will try to tell you as a first response if any response.....
There is nothing fishy in the startup code of the FPC compilers nor is there in the RTL.

« Last Edit: October 02, 2018, 09:52:57 am by Thaddy »
Specialize a type, not a var.

Ñuño_Martínez

  • Hero Member
  • *****
  • Posts: 1186
    • Burdjia
Re: BitDefender doesn't like Lazarus 2.0
« Reply #3 on: October 03, 2018, 10:36:55 am »
I'm not sure why but most anti-malware software don't like Pascal programs (both Delphi and Free Pascal).  I think is something about debugging and optimization techniques.  Both Avira and Avast antiviruses (almost) always detect my creations as potential malware.  I never have problems with GCC's C compiler (MinGW).
Are you interested in game programming? Join the Pascal Game Development community!
Also visit the Game Development Portal

af0815

  • Hero Member
  • *****
  • Posts: 1288
Re: BitDefender doesn't like Lazarus 2.0
« Reply #4 on: October 03, 2018, 03:08:35 pm »
Normal Avira accepts the reported positive false and my positive false are gone.
regards
Andreas

Ñuño_Martínez

  • Hero Member
  • *****
  • Posts: 1186
    • Burdjia
Re: BitDefender doesn't like Lazarus 2.0
« Reply #5 on: October 05, 2018, 11:23:44 am »
I know, but it is quite annoying that every Pascal program is detected as possible harm but C ones don't...  >:(
Are you interested in game programming? Join the Pascal Game Development community!
Also visit the Game Development Portal

Thaddy

  • Hero Member
  • *****
  • Posts: 14201
  • Probably until I exterminate Putin.
Re: BitDefender doesn't like Lazarus 2.0
« Reply #6 on: October 05, 2018, 11:40:45 am »
I know, but it is quite annoying that every Pascal program is detected as possible harm but C ones don't...  >:(

The problem is going on for years. At some point some repair it and subsequently there are regressions in newer versions.
It probably requires a community action of *some scale* from both the Delphi and FPC community to teach them a lesson.
Specialize a type, not a var.

440bx

  • Hero Member
  • *****
  • Posts: 3944
Re: BitDefender doesn't like Lazarus 2.0
« Reply #7 on: October 05, 2018, 03:51:49 pm »
It probably requires a community action of *some scale* from both the Delphi and FPC community to teach them a lesson.
Stop using their product(s). Companies understand the "money scale" or, better yet, use VMs.  Got a virus ?... just restore the most recent clean snapshot.  No wasting money on antiviruses and no machine slow down.   
(FPC v3.0.4 and Lazarus 1.8.2) or (FPC v3.2.2 and Lazarus v3.2) on Windows 7 SP1 64bit.

Thaddy

  • Hero Member
  • *****
  • Posts: 14201
  • Probably until I exterminate Putin.
Re: BitDefender doesn't like Lazarus 2.0
« Reply #8 on: October 05, 2018, 05:39:19 pm »
It probably requires a community action of *some scale* from both the Delphi and FPC community to teach them a lesson.
Stop using their product(s). Companies understand the "money scale" or, better yet, use VMs.  Got a virus ?... just restore the most recent clean snapshot.  No wasting money on antiviruses and no machine slow down.   
No that's not the issue:
The technical issue is that Pascal startup code allocates input/output and memory management, whereas C family compilers do not do that. They rely on their libraries to link that in.
Simply ignoring these idiots is not possible. Sometimes they fix it (like Avira, Avast and even bitdefender many times did!!!) but they ALWAYS regress at some point, because they do not understand that the Pascal compilers carry a lot more default code into their startup code. So we, - whom for a large part of the community are computer scientists or professionals (a lot of us!) - should take collective action.
Microsoft, for instance, fixed the cause. The commercial ones fixed the symptoms....

What doctor do you prefer...
« Last Edit: October 05, 2018, 05:45:37 pm by Thaddy »
Specialize a type, not a var.

marcov

  • Administrator
  • Hero Member
  • *
  • Posts: 11383
  • FPC developer.
Re: BitDefender doesn't like Lazarus 2.0
« Reply #9 on: October 05, 2018, 05:45:37 pm »
Or simply exclude all open source development related directories. Problem solved :-)

Thaddy

  • Hero Member
  • *****
  • Posts: 14201
  • Probably until I exterminate Putin.
Re: BitDefender doesn't like Lazarus 2.0
« Reply #10 on: October 05, 2018, 05:48:00 pm »
Or simply exclude all open source development related directories. Problem solved :-)
Nope. There's a lot of intentional "open source" that does fancy things like image manipulation (your area) that when compiled without thought renders your program a virus....Intentionally: they know noobs...

After a while that original source goes away, but these source codes keep creeping up. Damage done...
« Last Edit: October 05, 2018, 05:49:31 pm by Thaddy »
Specialize a type, not a var.

marcov

  • Administrator
  • Hero Member
  • *
  • Posts: 11383
  • FPC developer.
Re: BitDefender doesn't like Lazarus 2.0
« Reply #11 on: October 05, 2018, 05:54:16 pm »
Or simply exclude all open source development related directories. Problem solved :-)
Nope. There's a lot of intentional "open source" that does fancy things like image manipulation (your area) that when compiled without thought renders your program a virus....Intentionally: they know noobs...

And you think these kind of antivirusses catch that. Ha! And note that your download dir is still searched (iow the binary snapshots in .zip format)


Thaddy

  • Hero Member
  • *****
  • Posts: 14201
  • Probably until I exterminate Putin.
Re: BitDefender doesn't like Lazarus 2.0
« Reply #12 on: October 05, 2018, 07:44:07 pm »
Marco, these antivirusses use a windowed unpack. You know what that is.
Specialize a type, not a var.

RAW

  • Hero Member
  • *****
  • Posts: 868
Re: BitDefender doesn't like Lazarus 2.0
« Reply #13 on: October 05, 2018, 09:03:06 pm »
The main problem isn't LAZARUS or FREE PASCAL...
The main problem is that in 2018 people still think Antivirus-Software is a good solution to get a secure OS.
What a shame ...  :)

In this world full of lies people need to start to challenge everything and of course in particular the use of AV-Software.
I know it won't happen any time soon...

BTW: Thanks, I didn't realize that there is something like LAZARUS 2.0 ...  :)
Windows 7 Pro (x64 Sp1) & Windows XP Pro (x86 Sp3).

 

TinyPortal © 2005-2018