#ifdef

🔥 My problem is exclusively and only in CrowdStrike (not in clients, and certainly not in Delphi), but in the absence of ways to influence CrowdStrike, I am now trying to remove the line using Delphi, that's all. It looks like I'm confusing cause and effect, I know, but I can't fight them alone 🙂

Thank you! I wasn't worried either. Until my application was rejected, citing the report of this service 😞

In fact, the problem is idiotic, and it should not exist at all: CrowdStrike cannot even prove their false accusations (I asked what kind of danger this "wine_get_version" string carries and how exactly my application exploits it, but they, of course, ignored all my questions), but customers do not need any evidence from me — software from other providers successfully passes all checks, and my software is considered dangerous, and this is enough for any bureaucratic machine. I would never trust a heuristic that considers a file version to be an IPv4 address, and moreover — considers "0.0.0.0" to be a valid IPv4 address: But "the customer is always right" 🥲

Clients have a system for selecting the software they use: according to the rules and regulations, at the selection stage they are forced to give priority to software that is impeccable in terms of security. When selecting, they do not figure out whether the software is actually dangerous or not, the verdict of competent and proven online services is enough for them. If the online services unanimously recognize the file as safe, the software goes to the next stage, and so on. It's like a face control 🙂 These are their rules, I cannot change them. All that is required of me is simply to comply with them and provide code that 100% passes any security checks. As is: Should be:

Of course, my code is signed: And it has always been signed: And yes, I contacted CrowdStrike. Everything is useless, that's why I'm here. For the guys at CrowdStrike it doesn't matter how exactly the "wine_get_version" string is used — they hate the very fact of its presence, so by default they consider any executable file containing it to be "malicious". This is the root of the problem, but they don't see any problem with this approach and therefore have no intention of fixing it, they're completely fine with it 😑

Ok, thank you. And how can I permanently remove the "wine_get_version" string from my EXE? Because with this string CrowdStrike considers my EXE "malicious": ... but without this string (when I remove it in a HEX editor) it's just "suspicious" I suspect that CrowdStrike has been reading others' blogs and set up a simple trigger for this string, thus shifting this burden from their head to mine, because Delphi adds this string to all EXEs by default 😞 Right now, I'm patching each file, but what if I want to both get rid of the string and don't want to patch the file each time?

Do you remember that show last summer? 😶 Well. These same guys recently launched their own "VirusTotal" analog and, obviously, their new service is very stupid and dangerous too: But I suppose it's gaining popularity and/or is being actively promoted, because recently some clients (suffering from a special form of paranoia) started complaining: "VirusTotal" and "Hybrid Analysis" have started marking my signed (say "Hi" to CrowdStrike!) app as malicious: As you can see, the problem is specifically with the "wine_get_version" string, which Delphi for some reason includes even in a completely empty EXE (to verify, you can create a new empty "VCL, 32-bit, Release" project without a single line of code): Of course I reported this to CrowdStrike, but these guys definitely know how to make a problem out of nothing: So... Any ideas why Delphi does this, and how to avoid it? I don't need the "IsWine" check from SysInit.pas, but I can't figure out how to disable it: Yes, I know this string can be fixed in HEX, but I need a more reliable solution, I don't want to patch each of my files every release 🥲

Is there any way/API to get a clipboard history (Win + V)?

I can't believe they did it 🥲

That's why I chose the TControlList — it allows to instantly move to any place, all that remains is to fix the fixed row height 🙂

THtmlViewer: https://i.ibb.co.com/XXX8pt9/image.gif TControlList: https://i.ibb.co.com/84bg3g1/1.gif

Yes, I'm sure THtmlViewer + 10000 (start is ~5 seconds, resize is slow): unit Unit1; interface uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, System.Math, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, HTMLUn2, HtmlView; type TForm1 = class(TForm) HtmlViewer1: THtmlViewer; procedure FormCreate(Sender: TObject); private { Private declarations } public { Public declarations } end; var Form1: TForm1; implementation {$R *.dfm} function setCaption: string; var Lt: string; Li, Ll: integer; begin Ll := RandomRange(10, 1000); Lt := ''; for Li := 1 to Ll do begin if (Random(10) = 0) and (Li < Ll) then begin Lt := Lt + ' '; end else begin if Random(2) = 0 then Lt := Lt + Chr(RandomRange(65, 90)) else Lt := Lt + Chr(RandomRange(97, 122)); end; end; Result := Lt; end; procedure TForm1.FormCreate(Sender: TObject); var Li: integer; Ls: string; begin for Li := 1 to 10000 do Ls := Ls + '<div>' + Li.ToString + ': ' + setCaption + '</div><br>'; HtmlViewer1.Text := Ls; end; end. TControlList + 10000 (start is ~1 second, resize is ok): unit Unit1; interface uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, System.Math, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Vcl.ControlList; type TForm1 = class(TForm) ControlList1: TControlList; Label1: TLabel; procedure FormCreate(Sender: TObject); procedure ControlList1BeforeDrawItem(AIndex: Integer; ACanvas: TCanvas; ARect: TRect; AState: TOwnerDrawState); private { Private declarations } public { Public declarations } end; var Form1: TForm1; FList: TStringList; implementation {$R *.dfm} function setCaption: string; var Lt: string; Li, Ll: integer; begin Ll := RandomRange(10, 1000); Lt := ''; for Li := 1 to Ll do begin if (Random(10) = 0) and (Li < Ll) then begin Lt := Lt + ' '; end else begin if Random(2) = 0 then Lt := Lt + Chr(RandomRange(65, 90)) else Lt := Lt + Chr(RandomRange(97, 122)); end; end; Result := Lt; end; procedure TForm1.ControlList1BeforeDrawItem(AIndex: Integer; ACanvas: TCanvas; ARect: TRect; AState: TOwnerDrawState); begin Label1.Caption := FList[AIndex]; end; procedure TForm1.FormCreate(Sender: TObject); begin FList := TStringList.Create; ControlList1.ItemCount := 10000; for var Li := 0 to ControlList1.ItemCount - 1 do FList.Add(Li.ToString + ': ' + setCaption); end; end.

It looks really good, but on older computers 1000+ lines are too slow to render when resizing the canvas — and I can’t use pagination because the entire list must be available. But thanks anyway!

https://github.com/NickeManarin/ScreenToGif/

No, I don't (anyway, TControlList is for TGraphicControl only). Yes.