C# Program False Positive Virus Detection

Sildiryan, Daron 1 Reputation point
2021-01-27T18:42:39.143+00:00

So I’ve been working on a c# program that downloads, unzips, deletes and checks some files that are used to launch some of my other applications. It also has a login system in place that creates a socket session to my login server. Every single time I make any changes to it, Microsoft Defender AV flags it as a Wacatac!ml Trojan or some other variant along with maybe 2 other ones on virustotal(along with the desktop variant of Defender). What are some things I can do to try and stop my code from being flagged as a Trojan?

Visual Studio
Visual Studio
A family of Microsoft suites of integrated development tools for building applications for Windows, the web and mobile devices.
4,677 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,365 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,779 questions
0 comments No comments
{count} votes

4 answers

Sort by: Most helpful
  1. Karen Payne MVP 35,196 Reputation points
    2021-01-27T19:52:58.533+00:00

    Best option is to configure defender to exclude your app.

    Configure and validate exclusions for Microsoft Defender Antivirus scans

    Otherwise you would need to use a certificate such as from VeriSign or similar provider of certificates.

    0 comments No comments

  2. Timon Yang-MSFT 9,576 Reputation points
    2021-01-28T02:18:23.223+00:00

    The Microsoft Defender Security Research Team published a blog where they made two suggestions to minimize false positives:

    1. Publish the application to the Microsoft Store. This is the best way for vendors and developers to ensure that their programs will not be misclassified. For customers, the applications in the Microsoft Store are trusted and verified by Microsoft.
    2. Add a digital signature to the software. Digital signature is an important method to ensure software integrity. By verifying the identity of the software publisher, the signature can ensure that customers know who provided the software they are installing or running. Digital signatures also assure customers that the software they received is in the same state as when the publisher signed the software, and that the software has not been tampered with.

    Partnering with the industry to minimize false positives


    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  3. BRUTTO, Calogero 0 Reputation points
    2024-02-21T09:28:56.0966667+00:00

    Code should be seen as safe before to be signed (should be a pre-requisite) to avoid signing code with malware embeded.

    0 comments No comments

  4. Reza-Ameri 16,836 Reputation points
    2024-02-26T20:46:04.7933333+00:00

    Please have a look at:
    https://www.microsoft.com/en-us/wdsi/filesubmission
    And you may click as Software developer and follow steps there.

    0 comments No comments