Detecting by avast

c++ / delphi package - dll injection and api hooking

Detecting by avast

Postby pambol » Wed Jul 04, 2018 3:21 pm

InjectLibraryW and UnInjectLibraryW are being detected by avast (behavior module)
pambol
 
Posts: 22
Joined: Sat Jun 23, 2018 1:15 am

Re: Detecting by avast

Postby madshi » Wed Jul 04, 2018 5:26 pm

Is Avast writing text like "detected InjectLibraryW"? Or how do you know it's detecting InjectLibraryW?

Checking with my PrintMonitor demo on www.virustotal.com:

http://madshi.net/PrintMonitor.zip

It seems Avast actually reports it as clean, although Kaspersky complains. Unfortunately false positives are very usual these days. I can't really do anything against false positives. All we can do is complain to the AV companies who're producing false positives so that they correct their mistake.
madshi
Site Admin
 
Posts: 9774
Joined: Sun Mar 21, 2004 5:25 pm


Return to madCodeHook

Who is online

Users browsing this forum: No registered users and 8 guests