Ask HN: How do I get my software to stop being flagged by anti-virus vendors?

3 points by invokestatic ↗ HN
Our .NET desktop application has been detected off and on by anti-virus software as a false positive for over a year now. It is not obfuscated or packed in any way. Nothing in the binary does anything that could be construed as malicious, I think. The binary is digitally signed by my company's EV code signing certificate. It's detected as Generic/MSIL. I have tried contacting the vendors several times through their report false positives system, and have never gotten a reply.

I'm losing clients because of this. I'm really at a loss here. Hopefully someone here can help. Any help would be appreciated.

Edit: Here's a link to a virustotal scan:

https://www.virustotal.com/#/file/f4550f0c64925bca64c3759a6e279f3a5ecf88fb29d281d2b1103c6c6f5a6320/details

1 comment

[ 3.0 ms ] story [ 12.3 ms ] thread
And what does the application actually do, what libraries does it use, and how is it packed and distributed?

At some point completely innocent netcat and tcpdump were marked as viruses or rootkits, because they used some low-level network API.