-1

I am trying to reduce my application size with upx using --lzma compression method.

But, whenever I use upx and scan my application after compress, its shows that this application has virus. This is the virus result that comes up

Gen:Adware.Heur.RmTfWDj6fzli

If I scan the application before using upx, application is totally clean and no virus detected.

How do I avoid this issue?

I am using upx 391 from here http://upx.sourceforge.net/

Tom Brunberg
  • 20,312
  • 8
  • 37
  • 54
MartinLoanel
  • 184
  • 3
  • 17
  • 2
    Simply put don't use a packer if you want to avoid being targeted by anti malware software. It's really that simple. If you want a small executable then choose a compiler that is more economical. Or remove third party libraries. – David Heffernan May 07 '16 at 18:47
  • 4
    You can't. The problem is that malware often uses UPX to reduce size and try to conceal content, and therefore all of the virus scanners look for signs of UPX. If you don't want UPX to cause your app to be identified as being a virus, stop using UPX. – Ken White May 07 '16 at 20:11
  • Thank you @DavidHeffernan and Ken White for the information . – MartinLoanel May 07 '16 at 21:36

1 Answers1

7

You can't avoid this issue.

The problem is that malware authors often use UPX and other packers to reduce size and try to conceal content, and therefore all of the virus scanners look for signs of those packers (especially UPX, because it's readily available).

If you don't want UPX to cause your app to be identified as being a virus, stop using UPX.

Ken White
  • 123,280
  • 14
  • 225
  • 444
  • 1
    Because malware authors are not stupid they avoid using UPX. Using UPX for their malware would easily identify their malware so they use other means to conceal their malware. – user1580348 Jun 02 '18 at 22:51