Author Topic: How do you deal with false positives from Anti virus companies  (Read 606 times)

0 Members and 1 Guest are viewing this topic.

Offline joecornish981

  • Newbie
  • *
  • Posts: 1
One application is currently getting detected by a false postive for virus by Avast and ClamAV ( Never heard of last one).

I have contacted both and waiting for reply from them, but i guess that takes it time (24 hours ++ now). So what im looking for a resource to check if for part of my code is being falsely detected UPSers, i personaly assume ME and the person who write a virus at one point simply have commen sample code?

I dont have the technical ablities so i could disable the AV and find what signture is triggering ( And i assume companies protect this information). So my question boils down to, is there any resource i can use to check part of my code is being detected?

Extra information:

Link to VirusTotals:
My application is digitaly signed, and "my" signature has a postive rating at least with MS and never heard anyone complain that its blacklisted.
My application does have background update checking and error reporting ( update check is done via http)
I have off course scanned my computer used for compiling for viruses ( Both MS and NOD32 )
Application gets detected as a false positive detection even when its just zipped and not in a installer.
Link to information about what my app is being falsly detected as (Thx to Flanfl )
The ppl voiting "close", please actual read the topic Antivirus False positive in my executable, one is about Delhpi coding. Mine is generic and has a 2 actual replies that helpfull to my case.
« Last Edit: April 05, 2019, 06:19:59 AM by joecornish981 »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36989
Re: How do you deal with false positives from Anti virus companies
« Reply #1 on: April 04, 2019, 08:20:09 AM »
Quote
ClamAV ( Never heard of last one).
ClamAV  >>  https://en.wikipedia.org/wiki/Clam_AntiVirus



Quote
i personaly assume ME and the person who write a virus at one point simply have commen sample code?
It could be a behaviour detection?  what detection name does avast give

If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck.... but in the world of computers it sometimes is wrong


See how to report/whitelist
https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438



« Last Edit: April 04, 2019, 11:41:35 AM by Pondus »