Page 1 of 1

[FALSE POSITIVE] AVG found a virus in Scanahand

Posted: Tue Jan 19, 2010 3:57 pm
by mully
Hi,

AVG today found something called THEMIDA in the scanahand.exe.....
I'm guessing this is a copy protection thing but wanted to make sure.

cheers,
mully

Re: AVG found a virus in Scanahand

Posted: Tue Jan 19, 2010 4:22 pm
by León Fridsma
Yes, it's a copy protection thing.

It's a so called false-positive on scanahand.exe . The reason it's a false positive is because some virusses use THEMIDA to hide their true intentions and AVG cannot see/scan what scanahand.exe will do when it's executed. Our software is however 100% virus, ad and spyware free.

Re: AVG found a virus in Scanahand

Posted: Tue Jan 19, 2010 5:05 pm
by Dick Pape
I got one of those things from AVG on FC since yesterday. Every time I start FC I get the warning. What can be done to stop the messages? Dick

Re: AVG found a virus in Scanahand

Posted: Tue Jan 19, 2010 6:05 pm
by Erwin Denissen
I suggest you report the false positive, and kindly ask them to solve the problem with their software.

Re: AVG found a virus in Scanahand

Posted: Tue Jan 19, 2010 7:33 pm
by Dick Pape
Got info through their Forum:
AVG Msg.jpg
AVG Msg.jpg (39.01 KiB) Viewed 14933 times
Glad it wasn't H-L!

Re: AVG found a virus in Scanahand

Posted: Tue Jan 19, 2010 8:13 pm
by Erwin Denissen
Thanks for letting us know!

Re: AVG found a virus in Scanahand

Posted: Fri Jan 29, 2010 5:28 am
by J-Mac
Wow! I'm glad I found out you've added Themida to Scanahand. BTW, it is not a false positive when an AV flags Themida. This has been discussed much in several security forums and in some AV forums also. Themida wraps a program's core files in order to protect them from so-called reverse engineering. However Themida itself was cracked (reverse engineered, if you will) and virus authors can - and do - insert their own files into the Themida wrappers so to speak. Anti-Virus programs need to be able to examine files in order to determine if they are infected but they cannot examine any files that are masked by Themida. So yes, Themida is considered a serious risk by virtually all AV developers because of this.

Personally I won't allow it on any computer of mine, so I guess I won't be able to upgrade.

Jim

Re: AVG found a virus in Scanahand

Posted: Fri Jan 29, 2010 7:53 am
by Erwin Denissen
J-Mac wrote:Wow! I'm glad I found out you've added Themida to Scanahand. BTW, it is not a false positive when an AV flags Themida.
Two facts:
- AV flags our software
- Our software is free of viruses and malware

To me it is definitely a false positive.
J-Mac wrote:Anti-Virus programs need to be able to examine files in order to determine if they are infected but they cannot examine any files that are masked by Themida.
Then it is time they fix their detection algorithm.
J-Mac wrote:Personally I won't allow it on any computer of mine, so I guess I won't be able to upgrade.
We would be out of business very soon if we did add viruses to our software. Do you honestly believe we did this?

Re: AVG found a virus in Scanahand

Posted: Fri Jan 29, 2010 8:03 am
by Erwin Denissen
Update:
I've just tested our software with the latest version of AVG (9.0.0.730), and it no longer flags our software. So they must have fixed their detection algorithm. :D

Re: AVG found a virus in Scanahand

Posted: Fri Jan 29, 2010 3:13 pm
by Dick Pape
Mine went away as they promised on the next AVG update.

Re: AVG found a virus in Scanahand

Posted: Wed Nov 03, 2010 12:41 pm
by wonderingguy
Erwin Denissen wrote:We would be out of business very soon if we did add viruses to our software. Do you honestly believe we did this?
Not you, but as explained above some OTHER guys are able to insert undetectable virus code in your software - because they cracked the protection scheme.

Re: [FALSE POSITIVE] AVG found a virus in Scanahand

Posted: Wed Nov 03, 2010 1:43 pm
by Erwin Denissen
As long as you download our software from our website, you'll be fine. If you want viruses, then just Google for "FontCreator crack or serial" and you'll get hundreds of results which contain our software packed with malware, trojans, and viruses.

Our site has never been hacked, and even if it was hacked, you can still make sure the software is safe by checking the digital signature of the installation file. It should show it is valid and signed by High-Logic B.V.
signed.png
signed.png (54.12 KiB) Viewed 14069 times

Re: [FALSE POSITIVE] AVG found a virus in Scanahand

Posted: Sun Apr 19, 2015 1:30 am
by ShawnDion
Themida?

Lucky I'm still on Windows XP and I can control the code of this beast. I trust the NSA more than I trust this company crap shoot and lucky for me I have a Th monitor tool worst company to deal with in my opinion but considering kiddie piracy rates can't blame you.

But you do realize that if people end up with back doors like Giveawayoftheday website extremely viral way of using Themida only going to cripple sales.

Anyone with 360 security pc's will crash and reboot so that's my warning.

Shawn

Re: [FALSE POSITIVE] AVG found a virus in Scanahand

Posted: Tue Apr 21, 2015 7:42 am
by Erwin Denissen
This is an outdated topic, as we've stopped packaging our software with Themida a couple of years ago.