[MumbleLink] MemoryAccess and Virusscanners
Gil.9346:
Hi,
I’m using a C# example from this forum for reading the MumbleLink data from memory in a WPF dotNet 4.5 application. This must be done in a “Unsafe” section. Now virusscanners (Avira somtimes, Avast often) consider my program a trojan or give warnings. Avast even requested a deep scan once which said “Ok” afterwards.
How can I avoid the virusscanners complaining about my program?
Thanks and Greetings,
Gil/Comes Mors
quenoz.3859:
there probably wont be a workaround for this as the kind of activity (reading out that info from the RAM) will always be considered suspicious, unless you can get your tool known enough to be on a whitelist i am guessing.
Tom Deluxe.9105:
I have a C++ application to do the same and some friends told me about Avast warning them. It follows that Avast has some kind of cloud service that tracks the reputation of apps. If it doesn’t know about your app, it will put it in the sandbox, unless the user tells it not to. After some users allow your program to be executed it should earn some good reputation in their cloud, and Avast will not put it in the sandbox in theory :S
Another solution i’ve read is to digitally sign your program with a Microsoft signature, but i don’t know how many people here will waste 500$ for that xD
A possible solution? Try to share your app with as many friends as you can and hopefully their virusscanners will put your app in the whitelist.
Gil.9346:
k, thx for the answers! I’m in contact with another developer via pm to set the memory file access rights correctly, I’ll try that and the overlay will soon be shared among our server.
Thanks,
Gil/Comes Mors
Pentose.3479:
Just a note, you don’t actually need to do this in an “unsafe” section. .Net 4 introduced System.IO.MemoryMappedFile that lets you do this. I have some code doing this at https://wuvoverlay.codeplex.com/SourceControl/latest#Gw2Rankings/GuildWars2PositionManaged2/GuildWars2Position.cs