Prevent self-developed software from being diagnosed as a virus

C

Chau Chun

New Member
Thread author
May 31, 2019
1
Let me describe my situation, I develop some accounting software of VB winform to use, normaly my software will modify registry to set offcie trusted location and whether the user who reads in registry has admin authority. However, I found here that it is no problem for VirusTotal to scan my exe on the first day after I developed the software. But after a few days, VirusTotal will appear and say that my exe is a virus,this makes my exe in the another computer antivirus detect as a virus, even if I run scaning on VirusTotal on the first day.
  1. Why is it not a virus on the first day, but later diagnosed as a virus?
  2. Is reading registry or modifying registry the cause of the diagnosed virus?
  3. Any documentation or any behavior that is not allowed?
  4. What can be done to avoid this problem other than to file a false positives list after it is detected as a virus
 
  • Like
Reactions: Vasudev, CyberTech, roger_m and 3 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,510
Chau Chun said:
Let me describe my situation, I develop some accounting software of VB winform to use, normaly my software will modify registry to set offcie trusted location and whether the user who reads in registry has admin authority. However, I found here that it is no problem for VirusTotal to scan my exe on the first day after I developed the software. But after a few days, VirusTotal will appear and say that my exe is a virus,this makes my exe in the another computer antivirus detect as a virus, even if I run scaning on VirusTotal on the first day.
  1. Why is it not a virus on the first day, but later diagnosed as a virus?
  2. Is reading registry or modifying registry the cause of the diagnosed virus?
  3. Any documentation or any behavior that is not allowed?
  4. What can be done to avoid this problem other than to file a false positives list after it is detected as a virus
Click to expand...
That is normal. You have to upload your installer and executables to AV vendors and ask for whitelisting. For example:

Submit a file for malware analysis - Microsoft Security Intelligence

Submit suspected malware or incorrectly detected files for analysis. Submitted files will be added to or removed from antimalware definitions based on the analysis results.
www.microsoft.com
www.avast.com

Whitelist program registration Form

www.avast.com www.avast.com

Report a Suspected Erroneous Detection (False Positive)

Report a false positive, false alarm, false ID, or dispute an incorrect, bad, or erroneous detection in a Symantec or Norton product.
submit.symantec.com
There was a mail method for Emsisift:
fp@emsisoft.com
 
  • Like
Reactions: Vasudev, DDE_Server, roger_m and 3 others

Similar threads

4katzsnme
    • Like
Question What's best anti-virus/malware software is to buy for Mac?
Replies
10
Views
713
General Security Discussions
kailyn
kailyn
tracker
  • Locked
I am infected with a hijack loader that has never been detected by any antivirus software, and I cannot remove it.
Replies
7
Views
826
Windows Malware Removal Help & Support
nasdaq
nasdaq
Jonny Quest
    • Like
Question Confirming AV Exclusions/Exceptions are working, being held.
Replies
1
Views
369
General Security Discussions
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top