[FALSE POSITIVE] AVG found a virus in Scanahand

Post your bug reports here. Include information that helps us to understand and reproduce the bug.
Post Reply
mully
Posts: 14
Joined: Tue Nov 03, 2009 12:09 pm

[FALSE POSITIVE] AVG found a virus in Scanahand

Post by mully »

Hi,

AVG today found something called THEMIDA in the scanahand.exe.....
I'm guessing this is a copy protection thing but wanted to make sure.

cheers,
mully
León Fridsma
Posts: 694
Joined: Mon Dec 07, 2009 10:26 am
Location: De Bilt, Netherlands
Contact:

Re: AVG found a virus in Scanahand

Post by León Fridsma »

Yes, it's a copy protection thing.

It's a so called false-positive on scanahand.exe . The reason it's a false positive is because some virusses use THEMIDA to hide their true intentions and AVG cannot see/scan what scanahand.exe will do when it's executed. Our software is however 100% virus, ad and spyware free.
Dick Pape
Top Typographer
Top Typographer
Posts: 1360
Joined: Wed Oct 01, 2003 1:19 pm
Location: North Dallas, Texas

Re: AVG found a virus in Scanahand

Post by Dick Pape »

I got one of those things from AVG on FC since yesterday. Every time I start FC I get the warning. What can be done to stop the messages? Dick
Erwin Denissen
Moderator
Moderator
Posts: 11107
Joined: Fri Oct 04, 2002 12:41 am
Location: Bilthoven, The Netherlands
Contact:

Re: AVG found a virus in Scanahand

Post by Erwin Denissen »

I suggest you report the false positive, and kindly ask them to solve the problem with their software.
Erwin Denissen
High-Logic
Proven Font Technology
Dick Pape
Top Typographer
Top Typographer
Posts: 1360
Joined: Wed Oct 01, 2003 1:19 pm
Location: North Dallas, Texas

Re: AVG found a virus in Scanahand

Post by Dick Pape »

Got info through their Forum:
AVG Msg.jpg
AVG Msg.jpg (39.01 KiB) Viewed 46342 times
Glad it wasn't H-L!
Erwin Denissen
Moderator
Moderator
Posts: 11107
Joined: Fri Oct 04, 2002 12:41 am
Location: Bilthoven, The Netherlands
Contact:

Re: AVG found a virus in Scanahand

Post by Erwin Denissen »

Thanks for letting us know!
J-Mac
Posts: 5
Joined: Mon Dec 08, 2008 6:35 am

Re: AVG found a virus in Scanahand

Post by J-Mac »

Wow! I'm glad I found out you've added Themida to Scanahand. BTW, it is not a false positive when an AV flags Themida. This has been discussed much in several security forums and in some AV forums also. Themida wraps a program's core files in order to protect them from so-called reverse engineering. However Themida itself was cracked (reverse engineered, if you will) and virus authors can - and do - insert their own files into the Themida wrappers so to speak. Anti-Virus programs need to be able to examine files in order to determine if they are infected but they cannot examine any files that are masked by Themida. So yes, Themida is considered a serious risk by virtually all AV developers because of this.

Personally I won't allow it on any computer of mine, so I guess I won't be able to upgrade.

Jim
Erwin Denissen
Moderator
Moderator
Posts: 11107
Joined: Fri Oct 04, 2002 12:41 am
Location: Bilthoven, The Netherlands
Contact:

Re: AVG found a virus in Scanahand

Post by Erwin Denissen »

J-Mac wrote:Wow! I'm glad I found out you've added Themida to Scanahand. BTW, it is not a false positive when an AV flags Themida.
Two facts:
- AV flags our software
- Our software is free of viruses and malware

To me it is definitely a false positive.
J-Mac wrote:Anti-Virus programs need to be able to examine files in order to determine if they are infected but they cannot examine any files that are masked by Themida.
Then it is time they fix their detection algorithm.
J-Mac wrote:Personally I won't allow it on any computer of mine, so I guess I won't be able to upgrade.
We would be out of business very soon if we did add viruses to our software. Do you honestly believe we did this?
Erwin Denissen
High-Logic
Proven Font Technology
Erwin Denissen
Moderator
Moderator
Posts: 11107
Joined: Fri Oct 04, 2002 12:41 am
Location: Bilthoven, The Netherlands
Contact:

Re: AVG found a virus in Scanahand

Post by Erwin Denissen »

Update:
I've just tested our software with the latest version of AVG (9.0.0.730), and it no longer flags our software. So they must have fixed their detection algorithm. :D
Erwin Denissen
High-Logic
Proven Font Technology
Dick Pape
Top Typographer
Top Typographer
Posts: 1360
Joined: Wed Oct 01, 2003 1:19 pm
Location: North Dallas, Texas

Re: AVG found a virus in Scanahand

Post by Dick Pape »

Mine went away as they promised on the next AVG update.
wonderingguy
Posts: 2
Joined: Wed Nov 03, 2010 11:31 am

Re: AVG found a virus in Scanahand

Post by wonderingguy »

Erwin Denissen wrote:We would be out of business very soon if we did add viruses to our software. Do you honestly believe we did this?
Not you, but as explained above some OTHER guys are able to insert undetectable virus code in your software - because they cracked the protection scheme.
Erwin Denissen
Moderator
Moderator
Posts: 11107
Joined: Fri Oct 04, 2002 12:41 am
Location: Bilthoven, The Netherlands
Contact:

Re: [FALSE POSITIVE] AVG found a virus in Scanahand

Post by Erwin Denissen »

As long as you download our software from our website, you'll be fine. If you want viruses, then just Google for "FontCreator crack or serial" and you'll get hundreds of results which contain our software packed with malware, trojans, and viruses.

Our site has never been hacked, and even if it was hacked, you can still make sure the software is safe by checking the digital signature of the installation file. It should show it is valid and signed by High-Logic B.V.
signed.png
signed.png (54.12 KiB) Viewed 45478 times
Erwin Denissen
High-Logic
Proven Font Technology
ShawnDion
Posts: 34
Joined: Sun Aug 24, 2014 1:08 pm

Re: [FALSE POSITIVE] AVG found a virus in Scanahand

Post by ShawnDion »

Themida?

Lucky I'm still on Windows XP and I can control the code of this beast. I trust the NSA more than I trust this company crap shoot and lucky for me I have a Th monitor tool worst company to deal with in my opinion but considering kiddie piracy rates can't blame you.

But you do realize that if people end up with back doors like Giveawayoftheday website extremely viral way of using Themida only going to cripple sales.

Anyone with 360 security pc's will crash and reboot so that's my warning.

Shawn
Erwin Denissen
Moderator
Moderator
Posts: 11107
Joined: Fri Oct 04, 2002 12:41 am
Location: Bilthoven, The Netherlands
Contact:

Re: [FALSE POSITIVE] AVG found a virus in Scanahand

Post by Erwin Denissen »

This is an outdated topic, as we've stopped packaging our software with Themida a couple of years ago.
Erwin Denissen
High-Logic
Proven Font Technology
Post Reply