Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

False positive detection of c# .net program by anti-virus as trojan

I have developed a windows service using C#.Net which collects data and send to my server using custom APIs on a regular interval basis with the client user's permission.

It was working fine until the user installed the anti-virus software (Kaspersky). It, false positively, detected my .exes as PDM:trojan.win32.generic, thrown away into quarantine and removed its service because I am doing web requests using HTTPWebRequest and HTTPWebResponse to push and pull data.

As for temporary, I have white listed .exes and program directory under exclusions rules in anti-virus software program settings and installed service once again. As so it is working fine for now.

But as for final solution, I want to know can we fix this within program itself (programmatically). So that any anti-virus software do not detect it as trojan or any other kind of virus as soon as my program and its service get installed.

Edit - 8th, June 2015

Earlier forgotten to mention that within service .exe it downloads its own latest .exe file to update itself. I wonder if this process is making it to appear as a Trojan.

like image 299
krishh Avatar asked Jun 06 '15 13:06

krishh


1 Answers

You can apply to have your program added to the Kasperky whitelist. You may also want to apply for the Kaspersky Lab Trusted Logo.

Other anti virus solutions offer similar whitelist programs, Symantec for example.

Going through these whitelists -IMHO- is the proper way here. If your users place their trust in those solutions your making an effort to be whitelisted i.e. labeled as trustworthy by these solutions should go a long way with your user base.

like image 51
mazerraxuz Avatar answered Oct 06 '22 00:10

mazerraxuz