修复我的软件的防病毒检测 [英] Fix anti-virus detection of my software
问题描述
我写了一个程序(Mimer 1.1 - http://sourceforge.net/projects/mimer) / files / )和3000下载后,我发现我自己的Nod32 Antivirus检测到我的程序作为Win32 / Agent.NFIWJLP木马。我的程序有一个C ++子程序,使系统挂钩观察键盘和鼠标移动和系统中的事件(类似于一个键盘记录器,但这不是它的)。
有没有人推荐任何东西,以便我的程序不会被用户的防病毒软件删除?
我的程序所做的事情是它可以模拟用户与计算机在预定时间的交互。联系ESET并报告错误警报。如果报告了新版本,请重试。他们唯一的学习方法。
例如,AutoHotkey社区也有同样的问题。
我在Scan4You.net上扫描了DoNotRun.exe,9/32 AVs检测到它。 (请参阅报告)
- ArcaVir
- Avira AntiVir
- COMODO Internet Security
- li>
- Kaspersky Antivirus
- ESET NOD32
- A平方
- VBA32防毒软体
需要几年的时间才能与所有人联络,但有几种替代方法。你可以使用恶意软件密码器隐藏文件(很可能是一个坏主意,取决于你如何处理),但这不会永远持续,或者你可以尝试改变你的C源,忽略检测到的部分,或使用更高-level language。
I have written a program (Mimer 1.1 -- http://sourceforge.net/projects/mimer/files/) and after 3000 downloads I found out that my own Nod32 Antivirus detects my program as a Win32/Agent.NFIWJLP trojan. My program has a C++ sub program that makes a system hook to watch the keyboard and mouse movements and events in the system (similar to a key logger but that's not what it's made for).
Does anyone recommend anything for me to do so that my program doesn't get deleted by the user's antivirus software?
The thing that my program does is that it can mimic the user's interactions with the PC at a scheduled time.
Contact ESET and report the false alert. If a new version gets reported, do it again. The only way they'll learn.
As example, the AutoHotkey community has the same problem.
Edit:
I scanned DoNotRun.exe on Scan4You.net, and 9/32 AVs detect it. (see Report)
- ArcaVir
- Avira AntiVir
- COMODO Internet Security
- IKARUS Security
- Kaspersky Antivirus
- ESET NOD32
- A-Squared
- VBA32 Antivirus
It will take ages to contact all of them, but there are few alternatives. You could use a malware crypter to hide the file (most likely a bad idea, depending on how you approach this), but this won't last forever, or you could try changing your C source to omit detected parts, or use a higher-level language.
这篇关于修复我的软件的防病毒检测的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
