20

I have created a C# program and I recently noticed that when I merge my referenced .dlls into one executable .exe file using IL Merge, my Anti Virus (Avast) immediately deletes it and says that it's a virus. I always make lots of back ups so I tested the same thing with a back up from 2 days ago and I didn't experience this problem.

So I deleted my recent code line by line and noticed what is triggering the program to be detected as a virus. I have a void where I check if a list of files exist in a specified path (in my apps folder located in %appdata%). The void has around 8 File.Exists(path) commands and removing these 8 lines my program is no longer detected as a virus.

So my question is , is there any solution to this problem ? Why is my program detected as a virus just because i'm using File.Exists ?

Harry
  • 301
  • 1
  • 4
  • 9
  • 2
    A [similar question](http://stackoverflow.com/q/39820720/11683) was deleted, so I would copy my comment from there: *I don't think there can be a definite or lasting answer given the nature of heuristics. Yes, `File.Exists(path)` could set it off, but we can't know for sure; yes, it would be an example of naive heuristics and it could change in a next release. False positives happen, what you can do about it is submit your app as a false positive to the vendor.* – GSerg Dec 04 '16 at 15:55
  • In this example it's definitely 'File.Exists(path)' setting it off because I kept all the other code the same. – Harry Dec 04 '16 at 15:58
  • 3
    In theory you could use their "report false positive" form to send your app so that it is no longer reported https://www.avast.com/false-positive-file-form.php In practice, your request could just be ignored and you will suffer what other suffer too - Avast has one of the largest number of false positives reported. – Wiktor Zychla Dec 04 '16 at 16:01
  • 1
    The problem is. This will be my first application I will publish. If people see that a virus is triggered (regardless of a false positive) I will lose my legitimacy. I don't want people thinking they have downloaded something unsafe. – Harry Dec 04 '16 at 16:04
  • Welcome to the real world, Neo. And seriously, rewrite the code so it no longer triggers Avast. No other reasonable advice. Went throught that too. – Wiktor Zychla Dec 04 '16 at 23:52
  • 3
    I think its not code File.Exists, its what your program is accessing the app data folder, different path will not show as a virus –  Dec 14 '16 at 18:49

2 Answers2

17

Have you provided an AssemblyInfo.cs with at least the "name, author and description" field (not the default values)? I had a similar issue about 1 year ago and this solved the problem for me.

Max
  • 286
  • 2
  • 5
9

Please change the "Guid" in AssemblyInfo.cs a little, then try again.

That worked for me.

SuperBerry
  • 1,193
  • 1
  • 12
  • 28