How to avoid using .exe file as "The file can be dangerous" with antivirus?
The .exe I am creating is currently recognized by Avast as "This file can be dangerous." This is not a false positive because the antivirus software finally doesn't find any virus in it, but simply signals that this file has been "rarely downloaded".
I contacted Avast but they don't seem to offer a solution other than sending them the .exe to whitelist.
Things I've tried but this didn't solve the problem:
-
Build a file
resource.rc
in Visual C ++ with details about .exe:BLOCK "StringFileInfo", VALUE "CompanyName", "MyCompany\0"
etc. -
Use
makecert
,certutil
,signtool
as described in this answer: How to create a self-signed certificate for code signing in Windows?
Things that won't work:
-
Add to local exception avast (I can't ask every client to do this!)
-
Repeat "Send File to Avast Lab for Scanning" for each new .exe build. Unable to scale to resubmit the .exe to Avast (and all other 50+ antivirus programs!) For every new build.
-
$ 200 / year code signing fee (this might work, but I don't think it's fair that you need to buy back $ xxx a year just to be whitelisted)
Are there general solutions that can help avoid "antivirus alerts" with an infrequently downloaded file / file might be suspicious?
Note. I have read How to prevent my .exe from being used as malware? , How can I make my software was not detected by the antivirus? but it didn't really touch the topic here.
Note2: I have read these guidelines , etc., but it has not helped at this time.
source to share
It depends on what this one will do exe
. I have seen these balloons twice.
First when I add some compiled assembler code to the exe file (signed?) And another happens when I unroll the whole system hook to catch all keystrokes on the system while the application is inactive ( exe
wasn't enough for it and had its own dll
).