Windows Defender Flags lbmlupdater as Zpevdo.A Trojan

December 16, 2018 12:50PM
So.. this sounds bad.. I haven't run it yet. It was found when I extracted the .zip file from:
[www.mininglog.com]

Is this a legit threat?
Ido
Re: Windows Defender Flags lbmlupdater as Zpevdo.A Trojan
December 18, 2018 03:16AM
Hi,

The threat is a false positive, I'm assuming, due to our use of obfuscation.
You can run the tool through some testing websites to check what % of the programs flag it:
for example:
[www.virustotal.com]

Feel free to use some other aggregating websites.

It is a hard balance for a developer to decide how much protection to give up in return for lower false positives.
The problem is .NET code is not compiled but is easily reversible, so we use obfuscation to prevent reverse engineering and theft of intellectual property.
The unfortunate consequence of using obfuscation is that in its most effective methods it prevents decompilation and antivirus programs from snooping around inside the code.

People writing viruses and trojans use the same tools to protect their code. And that is the reason why, when programs encounter obfuscated code, they say something like "suspicious" or "HEUR", which stands for heuristic matching.

The only thing I can say about it: if you don't trust it, don't use it. But I haven't placed anything malicious inside.
Also, make sure you DL it from our official website ;)

Best Regards
Ido Sunrider

Ingame from 2003. If it makes you feel any better, look me up on the Planet Calypso forum under user name "Ido".
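
The check suggested in the reply above (what share of scanners flag the file, and whether the labels are heuristic ones such as "HEUR" or "suspicious"), as an added example that is not part of the original posts or of the tool's code. It hashes the download locally so it can be looked up by hash, then triages a multi-scanner report; the report is assumed to follow the shape of a VirusTotal v3 file report, and the engine names, labels and hint list are constructed for illustration.

```python
import hashlib
import json
import re

# Substrings engines commonly put in heuristic/generic verdict names
# (assumed list for illustration; tune it to the engines you rely on).
HEURISTIC_HINTS = re.compile(r"heur|suspicious|generic|gen:|packed|obfus", re.I)
VERDICTS = ("malicious", "suspicious", "undetected", "harmless")

def sha256_of(path, chunk=1 << 20):
    """Hash a file locally so it can be looked up by hash instead of uploaded."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def triage(report):
    """Split detections into heuristic/generic labels and specific family names."""
    results = report["data"]["attributes"]["last_analysis_results"]
    # Engines that timed out or cannot scan the file type gave no verdict.
    scanned = {e: r for e, r in results.items() if r["category"] in VERDICTS}
    flagged = {e: r["result"] or "" for e, r in scanned.items()
               if r["category"] in ("malicious", "suspicious")}
    heuristic = sorted(e for e, name in flagged.items() if HEURISTIC_HINTS.search(name))
    specific = sorted(e for e in flagged if e not in heuristic)
    pct = round(100 * len(flagged) / len(scanned), 1) if scanned else 0.0
    return {"scanned": len(scanned), "flagged": len(flagged), "percent": pct,
            "heuristic": heuristic, "specific": specific}

# Constructed sample report (engine names and labels are made up).
SAMPLE = json.loads("""{"data": {"attributes": {"last_analysis_results": {
  "EngineA": {"category": "malicious",  "result": "HEUR:Trojan.MSIL.Example"},
  "EngineB": {"category": "suspicious", "result": "Suspicious.Obfuscated.Example"},
  "EngineC": {"category": "malicious",  "result": "Trojan.ExampleFamily.A"},
  "EngineD": {"category": "undetected", "result": null},
  "EngineE": {"category": "undetected", "result": null},
  "EngineF": {"category": "timeout",    "result": null},
  "EngineG": {"category": "harmless",   "result": null},
  "EngineH": {"category": "undetected", "result": null}
}}}}""")

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Engines listed under `specific` name a malware family rather than a heuristic match, so those verdicts are the ones to follow up with the vendor before trusting the file.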