Arx Libertatis Bug Tracker
star_faded.png
Please log in to bookmark issues
bug_report_small.png
CLOSED  Bug report #1477  -  Trojan.GenericKDZ.67863
Posted Jun 30, 2020 - updated Jun 30, 2020   Shortlink: http://arx.vg/1477
action_vote_minus_faded.png
0
Votes
action_vote_plus_faded.png
icon_info.png This issue has been closed with status "Upstream" and resolution "Not determined".
Issue details
  • Type of issue
    Bug report
  • Status
     
    Upstream
  • Assigned to
    Not assigned to anyone
  • Type of bug
    Not triaged
  • Likelihood
    Not triaged
  • Effect
    Not triaged
  • Posted by
     Guest user
  • Owned by
    Not owned by anyone
  • Estimated time
    Not estimated
  • Category
    Not determined
  • Resolution
    Not determined
  • Priority
    Not determined
  • Reproducability
    Not determined
  • Severity
    Not determined
  • Targetted for
    icon_milestones.png Not determined
  • OS
    icon_customdatatype.png Not determined
  • Architecture
    icon_customdatatype.png Not determined
  • Fixed in
    icon_customdatatype.png Not determined
Issue description
bitdefender detected it in all exes falsepositive?
Steps to reproduce this issue
Nothing entered.

#1
icon_reply.pngReply
Comment posted by
 Daniel Scharrer
Jun 30, 16:55
Please report bugs in your anti-virus software to the vendor of that product.

The issue was updated with the following change(s):
  • The status has been updated, from New to Upstream.
  • This issue has been closed
#2
icon_reply.pngReply
Comment posted by
 Daniel Scharrer
Jun 30, 16:59
Note that the files tripping up some virus scareware are not the main executables under the bin directory, but the launchers in the main directory that detect if you are in a 32-bit or 64-bit environment and than launch the appropriate executable (in some cases with additional arguments). The executables are only 15 KiB each (excluding icons in arx.exe and arx-portable.exe) so anyone who cares should be able to disassemble them and verify what they are doing.

The source code for them is here: https://github.com/arx/ArxPackages/blob/master/scripts/launcher.c

It's compiled using MinGW, e.g. for arxunpak.exe:

 $ i686-w64-mingw32-windres bin/x86/arxunpak.exe -O coff -o resources.obj
 $ i686-w64-mingw32-gcc launcher.c -o arxunpak.exe -static-libgcc -s -Os -fdata-sections -ffunction-sections -flto -fno-asynchronous-unwind-tables -fno-ident -fno-stack-protector -fno-unwind-tables -fomit-frame-pointer -fuse-linker-plugin -fvisibility=hidden -fwhole-program -Wl,--gc-sections -Wl,--build-id=none -DUNICODE -D_UNICODE -DLAUNCHER_USE_PATH=1 -DLAUNCHER_USE_CMD_PATH=1 -DLAUNCHER_COMMAND=arxunpak.exe -DLAUNCHER_SCOMMAND=arxunpak -DLAUNCHER_WAIT=1 resources.obj