Recently , when i wrote an application in Delphi 7 and tried to compile the program , the virus scanner identified it immediately as a virus and then deleted the exe.

I was in a shock for few weeks while making some research on it to see if i was really creating a virus while compiling the Delphi Program.I was also worried if it was the virus that affects the Delphi 7 IDE that was in news recently.

Check the following links about this .

To confirm this , i made the following tests.

  • I had MCafee installed in my system , and the virus was initally detected as Generic ! dmx , but with one of the latest update showed it as a different name ( PWS – Banker ) see the below screenshots .Detect1
  • Immediately i tried installing a new virtual machine and this time had different antivirus ( Avast ).With the latest updates installed too, i was able to run the program smoothly,nothing detected.
  • Now,i switched to the virtual machine with MCafee . This time though i only included the version info in to the project as per the below screenshot and to a surprise,i was able to compile and run the program perfectly .
  • The MCafee scanner doesnot detects it as virus if the exe description is given for the project as specfied below.
  • DetectSolution1
  • I Could also compile and run the application if i had multiple unit files and MCafee detects it as a virus if there was only one unit file .
  • I built an exe with a system without any antivirus and sent it to MCafee and clearly the exe with the version infor was clean but without version info might be a heuristic detection .
  • I submitted the exe to VirusTotal to check it against other AV Tools and to a surprise nothing was detected again

I was also told by few forum members that this had been a problem frequently faced.Still i feel the mCafee detects this inline with the virus . Waiting for the proper solution and if this is a false positive ? from the community

Share