Possible Duplicate:
Antivirus False positive in my executable
One application is currently getting detected by a false positive for virus by Avast and ClamAV (never heard of the latter).
I have contacted both and waiting for reply from them, but I guess that takes it time (24 hours ++ now). So what I'm looking for a resource to check if for part of my code is being falsely detected, I personally assume ME and the person who write a virus at one point simply have commen sample code?
I dont have the technical ablities so i could disable the AV and find what signture is triggering ( And i assume companies protect this information). So my question boils down to, is there any resource i can use to check part of my code is being detected?
Extra information:
The people voting to close, please actual read the topic https://stackoverflow.com/questions/3339136/antivirus-false-positive-in-my-executable, one is about Delphi coding. Mine is generic and has a 2 actual replies that helpful to my case.
If you have a piece of software that you have been using for a very long time and Avast (or other antivirus) suddenly detects (and sends it to the virus chest) it there is a possibility it is a false positive. You can report this from within the avast Virus Chest.
False positives (false alarms) are harmless files or URLs that are incorrectly identified as malicious by the antivirus program. Software programs that behave like malware or use identical file compression and protection techniques are susceptible to false alarms.
Head to the VirusTotal website and upload the suspect file or enter an URL where it can be found online. They'll automatically scan the file with a wide variety of different antivirus programs and tell you what each says about the file. If most antivirus programs say there's a problem, the file is probably malicious.
In the end, there's going to be no one technique that will solve your problem. Signing won't help, and changing names probably won't help; otherwise viruses would use those same ideas to circumvent security. Those AV products have found some chunk of code that matches the virus, and aren't smart enough to distinguish. I would suggest contacting the specific AV providers and getting them to whitelist you.
Possible solution for workaround, I'm using hstart in the automatic update system, removing this should fix my problem.
EDIT: This "fixed" my problem, they where detecting hstart.exe...
Solution for others may be the following:
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With