mvanrijnen 123 Posted April 25, 2023 (edited) Just trying to put the first tests for using MARS to our testserver, getting this from the BitDefender there: "Malware: DeepScan:Generic.EmotetK.D02D57D4 File Path: C:\Program Files (x86)\Company\myservicename.exe" We the only one with this problem? anyone a solution? (except white listing all the coming executables) Edited April 25, 2023 by mvanrijnen Share this post Link to post
Andrea Magni 75 Posted April 25, 2023 Hi, I never faced this specific issue. I know for sure many people are successfully using MARS in different scenarios. Maybe this is a false positive (it happened more than once to see false positive with Delphi built software, even simple VCL applications). You may want to check the executable agains an online antivirus like virustotal or the like... Sincerely, Andrea Share this post Link to post
mvanrijnen 123 Posted April 25, 2023 Yes, its a false positive, we have like few hundred delphi compiled executables, here's the virustotal link: VirusTotal - File - 871ae239973e56fe9e62ee15bff3cdaec454871c0948db71c1241bca9315477d But ok, it's not a common thing for programs including MARS. thats what i wanted to know. 1 Share this post Link to post
mvanrijnen 123 Posted April 25, 2023 (edited) The result of the "console" version of that file (original is a service): VirusTotal - File - 7f7461788afdcbf62851b388ae8078fb96f1536897891beaa424b83acb4c0a37 so somehow it seems like a combination of using MARS in a service, combined with some of our own stuff 🙂 Here is the MARS Helloworld example, result: https://www.virustotal.com/gui/file/81b5df036d3e194d2275bafc50a40830d585f4fa86d05e185bb2d4277796ec5f?nocache=1 end as last, a simple helloworld (writeln), console result: VirusTotal - File - a0011e091fca526d855541185805f8a28c2cb5543b42c32241edd091b4fc1dfe Edited April 25, 2023 by mvanrijnen Share this post Link to post
Lajos Juhász 295 Posted April 27, 2023 I have had a MS Defender false positive on Delphi applications last month. Try to report it. Share this post Link to post