如何针对流行的病毒扫描程序测试我的应用程序?

发布于 2024-08-09 18:20:17 字数 577 浏览 14 评论 0原文

我需要查明我的应用程序是否被最流行的防病毒软件包(不是最好的,但用户群最大的)标记为病毒。因此我想知道其他人是如何处理这个问题的。一些背景:

我有一个用 Delphi 编写的应用程序。自从发现 Delphi 病毒以来,我的应用程序就遇到了误报问题,特别是由于某种原因我的演示版本(它们都共享相同的代码)。 AVG 一直很好,我现在可以轻松地将我的文件列入白名单,但后来我获得了最新的 DevExpress 安装程序,它也被误报。鉴于这种情况越来越普遍,我突然意识到我需要查明我的应用程序是否被最流行的防病毒软件包标记。因此我想知道其他人是如何处理这个问题的。我不希望人们下载我们的演示版本,收到反病毒警告,然后决定不尝试。

到目前为止,我唯一的选择是购买大量 AV 软件包并将它们放入虚拟机中,或者使用类似 病毒总数。后者似乎是一个理想的选择,但事实上他们将测试限制为 20Mb 以下的文件,而我的文件比这个更大。扩展功能也无需付费。 (我认为这是一个奇怪的限制,但卡巴斯基的免费检查器仅限于 1Mb!)

您如何检查您的应用程序?

I need to find out whether my apps are being flagged as viruses by the most popular anti-virus packages (not best, but biggest by user base). I therefore would like to know how others go about this. Some background:

I have an application written in Delphi. Ever since the Delphi virus was found, I've had problems with false positives on my applications, particularly my demonstration versions for some reason (they all share the same code). AVG has been good, and I can now whitelist my files easily, but then I got the latest DevExpress installer and it was false-positived too. Given this is getting more widespread, it struck me that I need to find out if my apps are being flagged by the most popular anti-virus packages. I therefore would like to know how others go about this. I don't want people to be downloading our demonstration versions, getting an AV warning, and deciding not to try it.

The only options I have so far are buying a load of AV packages and putting them in a VM, or using a service like VirusTotal. The latter seemed an ideal option but for the fact that they limit the test to files under 20Mb, and my files are bigger than this. There is no paid for option either to expand the capability. (I thought this an odd limit, but Kaperskis free checker is limited to 1Mb!)

How do you check your applications?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

若沐 2024-08-16 18:20:17

http://online.us.drweb.com/

我看不到任何文件大小限制在它上面

http://online.us.drweb.com/

i couldn't see any file size limit on it

末蓝 2024-08-16 18:20:17

对此我的想法如下:
我设置了一台具有大量磁盘空间的计算机(没什么特别的)。我将其称为 ScanPC。每次我进行构建时,脚本都会将新文件复制到 ScanPC 的构建特定目录中。这将确保我拥有可以检查的所有构建的存档。任何一项都可能已发布给客户。

现在,我再安装VMWare服务器,并设置一些虚拟PC。在每一个中,我都设置了防病毒软件来扫描网络共享,但处于只读模式,这样扫描仪就不会意外修改或删除误报。然后,每个虚拟机都可以从供应商那里自动更新,希望他们有一个电子邮件选项,可以在发现病毒时告诉我,这样我就知道这是误报,并可以向供应商报告。

这样做的好处是我有一个完整的构建存档(无论如何我都需要它),这意味着触发 AV 的客户的旧版本以及最新版本都会被识别。这意味着我可以根据需要添加或删除 AV 产品。这意味着我只需要一台计算机(性能并不重要)。

My thoughts on this are as follows:
I set up a computer (nothing special) with a lot of disk space. I'll call this the ScanPC. Every time I do a build, the script will copy the new files to the ScanPC into a build specific directory. This will ensure that I have an archive of all builds that can be examined. Any one may have been released to customers.

Now, I then install VMWare server, and set up a number of virtual PCs. In each, I set up the anti-virus software to scan the network share, but in a read-only mode so that no scanner can accidentally modify or remove the false positive. Each VM can then be automatically updated from the vendor, and hopefully they will have an email option to tell me when they spot a virus, which I will then know is a false positive and can report to the vendor.

The benefit of this is that I have a complete build archive (something I need anyway), and it means that old versions out with customers that trigger the AV are identified as well as the most recent. It means I can add or remove AV products as appropriate. It means that I only need a single computer (performance is not important).

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文