I sent my program a mini-game to my friends, written in c # - the antivirus found HEUR / QVM03.0.0000.Malware.Gen in it. Although of course I did not write any viruses there. Please tell me what could be the matter.
Vonnengut vonnengut
38 five
- 3For example, there may be a false positive. Try making small changes to the code and recompile. - VladD
- stackoverflow.com/questions/33998715/… here is a similar problem. Below is the answer that you can try to do. Well, we can not exclude that the virus eventually really clung to the executable. - Andrey Golikov
- Look for "related" files on VirusTotal for similar signatures - there is a possibility that Security 360 was not mistaken. - AseN
- This is False Positive - a false positive. In such cases, I send the file by mail to the authors of the antivirus and they update the database. - nzeemin
|
2 answers
First, you do not have the virus . It's just antivirus "heuristics" dug up suspicious patterns. The "suspicious patterns" include the use of packers, games with sections of the executable file, and other completely harmless things.
I remember very well how my file, which is the single-line equivalent of RunDll32, but with the resource manifest, half of the “antiviruses” were considered suspicious only because I used the rare FSG packer.
"Heuristics" are useless a little less than completely. They - almost the only source of false positives.
Secondly, Qihoo-360 is a muddy Chinese antivirus that nobody has heard of . His results will only be seen by paranoids who regularly rock cracks, which is why they are accustomed to orient themselves to VirusTotal (well, the Chinese).
Thirdly, normal antiviruses have the ability to report false positives . Send them your file, after some time with some probability there is an update in which your file is no longer detected.
Note that when changing any byte in your file, the antivirus may start to work again. No guarantees. Simply "heuristics" are really so useless.
Athari athari
one
- Well, about "about which no one has heard" - I would not say that. According to statistics, it is the 3rd most popular in Russia, after Kaspersky Anti-Virus and avast. But as far as I know, the distribution method is really “dreary” - it is automatically installed with various programs (if not unchecked), with the “Mail.Ru kit”, “Amigo” and other heresy .. - Sergey Rufanov
- @SergeyRufanov The reputation of this antivirus is dampened not only because of the method of distribution, but also because of cheating to get a rating. - Athari
|
The "virus" disappeared on the Security 360 scanner, after in the project settings window in the publish tab, I returned all settings to those that were by default. (I did not change the code of the program itself)
Vonnengut vonnengut
38 five
|