[Bug] When using `"anti tamper"` on an exe and checking it at "https://www.virustotal.com/gui/home/upload" it reports a virus

mkaring / ConfuserEx

An open-source, free protector for .NET applications

https://mkaring.github.io/ConfuserEx/

MIT License

2.38k stars 370 forks source link

[Bug] When using `"anti tamper"` on an exe and checking it at "https://www.virustotal.com/gui/home/upload" it reports a virus #528

Open Smurf-IV opened 1 year ago

Smurf-IV commented 1 year ago

ConfuserEx Version:
- Latest
Target Framework:
- net 48
Operating System:
- Windows 10 22H2 x64

Steps to Reproduce: <protection id="anti tamper" />

Workaround: <protection id="anti tamper" action="remove" />

Mrgaton commented 1 year ago

its normal not a bug

sunnamed434 commented 1 year ago

Perhaps it thinking that your file using dangerous (imports/sections, etc) Win API or something like that

SimonBondyUltima commented 1 year ago

I get this as well, but only 1 out of 50+ AV vendors flag a problem, so I consider it a false positive. Also, when a virus is reported, it is a "generic" detection, not a specific virus. So the AV vendor is basically saying "I don't like the look of this, it is trying to hide something". In your scenario, what gets detected by whom?