0

I'm trying to release a piece of software, the only thing it does which in my eyes which might seem suspicious to an anti virus program is read process memory. Yet it still triggers a false positive on this anti virus.

Which to me makes no sense at all, because when I made a completely new WinForms project, completely vanilla. It still triggered a false positive. Which is bad from my point of view. Because it makes it seem like I'm trying to infect the people who download/use my software.

Thanks

Shynd.

Shynd
  • 1
  • 1
  • Just a wild guess -- maybe the AV triggers on anything that is not SIGNED code? Take a look at this post: http://stackoverflow.com/questions/28775519/c-sharp-app-appears-false-positive-in-avg-antivirus – David Tansey Jun 02 '16 at 04:31
  • Thanks, David. I've tried signing the assembly. But, I'll take you up on your answer and check if other people have have the same issue as me (although I did check before posting here). Since it considers a fresh project a hazard I can't be the only one. – Shynd Jun 02 '16 at 04:56
  • Welcome to StackOverflow #SOReadyToHelp – David Tansey Jun 02 '16 at 04:57
  • On April 13th 2016, enabling ClickOnce and setting the build config to Release avoid the false positive from Qihoo, apparently now they mark those too as malware. I say just ignore Qihoo for now, their [behavior](http://vrworld.com/2015/05/04/qihoo-360-antivirus-cheating/) is unworthy for [security vendor](http://www.scmagazine.com/bribery-helped-criminals-whitelist-malware-in-chinese-antivirus-product/article/489101/) – Martheen Jun 02 '16 at 07:12

0 Answers0