Recent

Author Topic: BitDefender doesn't like Lazarus 2.0  (Read 1924 times)

dbaxter

  • New member
  • *
  • Posts: 13
BitDefender doesn't like Lazarus 2.0
« on: October 02, 2018, 04:47:42 am »
Installed the release candidate for 2.0 and BitDefender deleted it:
"The file d:\lazarus2.0\startlazarus.exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean."

Now I would expect this is a false positive, so do you folks have a contact at BitDefender, or is it up to us users to alert them?

wp

  • Hero Member
  • *****
  • Posts: 5129
Re: BitDefender doesn't like Lazarus 2.0
« Reply #1 on: October 02, 2018, 09:11:16 am »
AFAIK there is nobody among the devs who has special contacts to antivirus companies. Please report it yourself.

I once had BitDefender, too, but gave it up when they introduced some "intelligence" feature which deleted fpc and several related utilities. I had tried to report it, but the process to create a proper report was very complicated. Therefore I replaced BitDefender by Windows Defender.

The least thing that you must do with any antivirus: Put the Lazarus and your project folder incl all subfolders on the white-list of the scanner. But BitDefender was even ignoring that.
Lazarus trunk / fpc 3.0.4 / all 32-bit on Win-10

Thaddy

  • Hero Member
  • *****
  • Posts: 7182
Re: BitDefender doesn't like Lazarus 2.0
« Reply #2 on: October 02, 2018, 09:49:22 am »
Usually such companies (except the brainless ones) correct such false positives very quickly provided:
- a good but short description
- exact OS, compiler version etc.
- links on how to obtain the compiler(s) from the official website. (no fpcdeluxe here, because it has indirection)

The more concise, but detailed your report is, the quicker they will fix it.
We used to have many problems with KOL, most of it was corrected by most companies after I explained in detail that they were fingerprinting a framework instead of fingerprinting true malware. (Which admittedly KOL used to be used for a lot.)
The lazy ones just fingerprint the major compilers, e.g. from GNU, Microsoft, Intel and AMD.
Note it also helps if you mention that fingerprinting those is not "heuristics" which they will try to tell you as a first response if any response.....
There is nothing fishy in the startup code of the FPC compilers nor is there in the RTL.

« Last Edit: October 02, 2018, 09:52:57 am by Thaddy »
inline variables like in D10.3 are a bit like Brexit: if you are given the wrong information it sounds like a good idea. Every kid loves candy, but it makes you fat and your teeth will disappear.

Ñuño_Martínez

  • Hero Member
  • *****
  • Posts: 833
    • Burdjia
Re: BitDefender doesn't like Lazarus 2.0
« Reply #3 on: October 03, 2018, 10:36:55 am »
I'm not sure why but most anti-malware software don't like Pascal programs (both Delphi and Free Pascal).  I think is something about debugging and optimization techniques.  Both Avira and Avast antiviruses (almost) always detect my creations as potential malware.  I never have problems with GCC's C compiler (MinGW).
Are you interested in game programming? Join the Pascal Game Development community!
Also visit the Game Development Portal

af0815

  • Full Member
  • ***
  • Posts: 171
Re: BitDefender doesn't like Lazarus 2.0
« Reply #4 on: October 03, 2018, 03:08:35 pm »
Normal Avira accepts the reported positive false and my positive false are gone.
regards
Andreas

Ñuño_Martínez

  • Hero Member
  • *****
  • Posts: 833
    • Burdjia
Re: BitDefender doesn't like Lazarus 2.0
« Reply #5 on: October 05, 2018, 11:23:44 am »
I know, but it is quite annoying that every Pascal program is detected as possible harm but C ones don't...  >:(
Are you interested in game programming? Join the Pascal Game Development community!
Also visit the Game Development Portal

Thaddy

  • Hero Member
  • *****
  • Posts: 7182
Re: BitDefender doesn't like Lazarus 2.0
« Reply #6 on: October 05, 2018, 11:40:45 am »
I know, but it is quite annoying that every Pascal program is detected as possible harm but C ones don't...  >:(

The problem is going on for years. At some point some repair it and subsequently there are regressions in newer versions.
It probably requires a community action of *some scale* from both the Delphi and FPC community to teach them a lesson.
inline variables like in D10.3 are a bit like Brexit: if you are given the wrong information it sounds like a good idea. Every kid loves candy, but it makes you fat and your teeth will disappear.

440bx

  • Sr. Member
  • ****
  • Posts: 387
Re: BitDefender doesn't like Lazarus 2.0
« Reply #7 on: October 05, 2018, 03:51:49 pm »
It probably requires a community action of *some scale* from both the Delphi and FPC community to teach them a lesson.
Stop using their product(s). Companies understand the "money scale" or, better yet, use VMs.  Got a virus ?... just restore the most recent clean snapshot.  No wasting money on antiviruses and no machine slow down.   

Thaddy

  • Hero Member
  • *****
  • Posts: 7182
Re: BitDefender doesn't like Lazarus 2.0
« Reply #8 on: October 05, 2018, 05:39:19 pm »
It probably requires a community action of *some scale* from both the Delphi and FPC community to teach them a lesson.
Stop using their product(s). Companies understand the "money scale" or, better yet, use VMs.  Got a virus ?... just restore the most recent clean snapshot.  No wasting money on antiviruses and no machine slow down.   
No that's not the issue:
The technical issue is that Pascal startup code allocates input/output and memory management, whereas C family compilers do not do that. They rely on their libraries to link that in.
Simply ignoring these idiots is not possible. Sometimes they fix it (like Avira, Avast and even bitdefender many times did!!!) but they ALWAYS regress at some point, because they do not understand that the Pascal compilers carry a lot more default code into their startup code. So we, - whom for a large part of the community are computer scientists or professionals (a lot of us!) - should take collective action.
Microsoft, for instance, fixed the cause. The commercial ones fixed the symptoms....

What doctor do you prefer...
« Last Edit: October 05, 2018, 05:45:37 pm by Thaddy »
inline variables like in D10.3 are a bit like Brexit: if you are given the wrong information it sounds like a good idea. Every kid loves candy, but it makes you fat and your teeth will disappear.

marcov

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 6617
Re: BitDefender doesn't like Lazarus 2.0
« Reply #9 on: October 05, 2018, 05:45:37 pm »
Or simply exclude all open source development related directories. Problem solved :-)

Thaddy

  • Hero Member
  • *****
  • Posts: 7182
Re: BitDefender doesn't like Lazarus 2.0
« Reply #10 on: October 05, 2018, 05:48:00 pm »
Or simply exclude all open source development related directories. Problem solved :-)
Nope. There's a lot of intentional "open source" that does fancy things like image manipulation (your area) that when compiled without thought renders your program a virus....Intentionally: they know noobs...

After a while that original source goes away, but these source codes keep creeping up. Damage done...
« Last Edit: October 05, 2018, 05:49:31 pm by Thaddy »
inline variables like in D10.3 are a bit like Brexit: if you are given the wrong information it sounds like a good idea. Every kid loves candy, but it makes you fat and your teeth will disappear.

marcov

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 6617
Re: BitDefender doesn't like Lazarus 2.0
« Reply #11 on: October 05, 2018, 05:54:16 pm »
Or simply exclude all open source development related directories. Problem solved :-)
Nope. There's a lot of intentional "open source" that does fancy things like image manipulation (your area) that when compiled without thought renders your program a virus....Intentionally: they know noobs...

And you think these kind of antivirusses catch that. Ha! And note that your download dir is still searched (iow the binary snapshots in .zip format)


Thaddy

  • Hero Member
  • *****
  • Posts: 7182
Re: BitDefender doesn't like Lazarus 2.0
« Reply #12 on: October 05, 2018, 07:44:07 pm »
Marco, these antivirusses use a windowed unpack. You know what that is.
inline variables like in D10.3 are a bit like Brexit: if you are given the wrong information it sounds like a good idea. Every kid loves candy, but it makes you fat and your teeth will disappear.

RAW

  • Hero Member
  • *****
  • Posts: 679
Re: BitDefender doesn't like Lazarus 2.0
« Reply #13 on: October 05, 2018, 09:03:06 pm »
The main problem isn't LAZARUS or FREE PASCAL...
The main problem is that in 2018 people still think Antivirus-Software is a good solution to get a secure OS.
What a shame ...  :)

In this world full of lies people need to start to challenge everything and of course in particular the use of AV-Software.
I know it won't happen any time soon...

BTW: Thanks, I didn't realize that there is something like LAZARUS 2.0 ...  :)
Windows 7 Pro (x64 Sp1) And Windows XP Pro (x86 Sp3) - LAZARUS 1.8.4 FPC 3.0.4 // 1.7 FPC 3.1.1