Is it possible to say that there is a virus in this program? #1914

Closed Answered by dmex
KetSpin asked this question in Questions / Answers
The setup is an executable and writes an executable into the \Program Files\SystemInformer directory. They could show the exact filename and directory where these files were "dropped" but they don't because these detections are broken and always incorrect.

This project is 15 years old. How does someone abuse GitHub and SourceForge for 15 years and nothing ever done about it?

We don't write anything into \System32?

We don't write anything into \Windows?

We don't use ThreadHideFromDebugger? You can't hide from the debugger.

We absolutely enumerate storage devices. Windows Task manager shows performance information for disk devices and we have the exact same feature. How are we expecte…
