I don't know. But maybe the detection is because a specific function, for
example: CreateRemoteThread or LockResource. Or maybe is some sign in the
pe file. I remember a executable with this problem. I solve it modify
tccpe.c for use "This program must be run under Win32" instead "This
program cannot be run in DOS mode" or moving the pe header from the offset
128 to offset 512.
Or because something is missing: For example, I added this foo function in
some executables for avoid a false detection:
/*
This function is never called.
Is used for avoid AntiVir false detection: TR/Crypt.XPACK.Gen
*/
void nothing(void)
{
ExitProcess(0);
}
You have the dll for try found the cause of the detection?
2013/11/12 Rene Grothmann <[email protected]>
> It seems AVAST is reporting a virus in DLLs generated with the Windows
> versions of tcc (both 32-bit and 64-bit). I will contact AVAST with one
> specific DLL to remove this issue. But is there any other method of
> changing the signature of the generated DLLs so that there is no false
> alarm?
>
> R.G.
>
> _______________________________________________
> Tinycc-devel mailing list
> [email protected]
> https://lists.nongnu.org/mailman/listinfo/tinycc-devel
>
>
_______________________________________________
Tinycc-devel mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/tinycc-devel
