Bitdefender false positive when compiling in Visual Studio 2019 Debug mode


-1

I have a C# application on which I tried using ConfuserEx to make decompilation a little more difficult, but now Bitdefender recognizes it as a Trojan no matter what I do (changing the namespace, etc.). Funnily enough, it is only recognized as a Trojan in Debug mode; if I run in Release mode it passes unnoticed. Has anyone had a similar problem?

  • What kind of application is it (desktop, console, web)? Is this problem happening in the development, testing or production environment? Is this application distributed to only one specific customer or to multiple customers?

  • Desktop, a simple application to generate ZPL labels for Zebra. It happens on all company machines that use Bitdefender, including the one on which I develop the application.

  • Yes, this is a fairly common problem in off-the-shelf software, especially when it is obfuscated.

2 answers

1

The problem is that the Bitdefender antivirus found some piece of code in your application that resembles a virus. Antivirus products generally aren't smart enough to distinguish that from a safe application.

In that case, I recommend switching the obfuscator for two reasons:

First, by compiling the application in Release mode and applying code obfuscation, ConfuserEx must be generating some piece of code that Bitdefender considers suspicious.

Second, because the ConfuserEx project is dead and has not received any updates since 2016. The tool's compatibility with MSBuild stopped at version 14.0 (Visual Studio 2015), and with the .NET Framework at version 4.5.

1

The use of an obfuscator makes your application suspicious because you are intentionally hiding your source code. There is no other purpose for an obfuscator than to hide the construction of a binary on your target machine.

Furthermore, it is semantically impossible to fully protect your application against decompilation. An obfuscator only makes it harder, just like Trojans and crypters. Here I explained what makes an app "potentially dangerous" and how you can get around it.

As for it being recognized as a virus in Debug and not in Release, that is because of the sessions in which they are being called. In Visual Studio, when you debug a program, you start it on a server dedicated to VS debugging; however, an external binary performs the operations and forwards the addresses to the output executable.

After compiling in Debug, the generated symbols are also passed as Debug and have a structure that vscode.exe may be monitoring (but this is not required). In short, the build architecture varies with the compiler parameters. This is also interpreted differently from antivirus to antivirus. Each has its own algorithm.
