News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

Virus warning on ml.exe and link.exe

Started by mkdutchman, December 13, 2007, 02:01:59 PM

Previous topic - Next topic

mkdutchman

Hi all,
I'm new here and just started using MASM some time ago. I have a couple years experience programming with Microchip PICs but none with Intel or Windows......anyhow my biggest problem right now is that AVG antivirus is giving me a virus warning on ml.exe and link.exe, stating that they contain the ldpinch trojan horse. I'm suspicious that it's just a false alarm, but I'd like to check if anyone has one of each file that they know is clean, and if you do can you obtain the file checksum? I'll just compare that with my files and go from there.........

MichaelW

Hello mkdutchman, welcome to the forum. For the ML.EXE (6.14.8444) and LINK.EXE ( 5.12.8078) included in the MASM32 package, I get the following md5 sums:

ML.EXE    372736  b54b173761ac671cea635672e214a8de

LINK.EXE  462899  dec627e7e8aa84087b4841117fd89b93
eschew obfuscation

mkdutchman

Perfect. That's exactly what I'm looking for.

hutch--

Hi mkdutchman,

Welcome on board. It is not uncommon to see false positives in AV software these days, the vendors err on the side of caution rather than accuracy on a regular basis. I would be inclined to again install the masm32 project to make sure you get the two binaries directly as they are supplied and BEFORE you run either executable, test them to see if there is still a problem.

If the AV scanner still reports a problem, send the two binaries to them explaining the problem as they are directly from Microsoft and have safely installed on millions of computers over time.
Download site for MASM32      New MASM Forum
https://masm32.com          https://masm32.com/board/index.php

mkdutchman

I think it should be working now, AVG does give you the option to put exceptions in for potential false alarms etc. I just wanted to verify those checksums, they're exactly what I have, BTW