Jump to content

C# Program detected as Trojan


Go to solution Solved by Flood and Flood's wife,

Recommended Posts

Posted

Hello everybody,

 

recently I’ve been getting a problem while trying to test out a simple program I’m working on.

Basically, as soon as I hit the compile button on Visual Studio, Kaspersky detects it as a Trojan and I can’t test my app anymore.

 

Here you can take a look at some data regarding the “Trojan”: 

Application Name: MSBuild.exe
Application Path: C:\Program Files\Microsoft Visual Studio\2022Community\MSBuild\Current\Bin\amd64
Component: Anti-Virus File
Result Description: Deleted
Type: Trojan
Name: HEUR:Backdoor.MSIL.Generic
Accuracy: Heuristic Analysis
Danger level: High

 

And here you can take a look at my code, it is just supposed to verify an input from a textBox, that’s it:

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;

namespace ATM_TEST_3
{
    
    public partial class Form1 : Form
    {
        public Form1()
        {
            InitializeComponent();
            textBox1.Text = textPass;
            textBox1.ForeColor = Color.Gray;
        }

        private string password = "PASS";
        private string textPass = "Inserisci il codice utente";

        private void button1_Click(object sender, EventArgs e)
        {
            Application.Exit();
        }

        private void button1_MouseEnter(object sender, EventArgs e)
        {
            button1.BackColor = Color.Red;
            button1.ForeColor = Color.White;
        }

        private void button1_MouseLeave(object sender, EventArgs e)
        {
            button1.BackColor = Color.SteelBlue;
            button1.ForeColor = Color.Azure;
        }

        private void button2_Click(object sender, EventArgs e)
        {
            if (textBox1.Text == password) 
            {
                MessageBox.Show("Password corretta!");
            }
            else
            {
                MessageBox.Show("Password non corretta!");
                textBox1.Text = textPass;
                textBox1.ForeColor = Color.Gray;
                textBox1.PasswordChar = '\0';
            }

            if (textBox1.Text.Length == 0)
            {
                textBox1.Text = textPass;
                textBox1.ForeColor = Color.Gray;
                textBox1.PasswordChar = '\0';
            }
        }

        private void textBox1_Enter(object sender, EventArgs e)
        {
            textBox1.Text = "";
            textBox1.PasswordChar = '*';
        }
    }
}

 

Please let me know.
 

 

 

  • Solution
Flood and Flood's wife
Posted

Hello @Just_Alberto

Welcome!

  1. (please) Read before you create a new topic!
  2. Has an exclusion been created for the program? IF “no”, see steps at the end of our reply. 
  3. You may wish to submit the program for analysis as follows: sign into Kaspersky's Threat Intelligence Portal, select File analysis tab, upload the file, select Private submission, select Analyze, at the end of the scan, select Submit to reanalyze, fill in the Send object for re-validation popup, select Send.
  4. & log a case with Kaspersky consumer support, either via Chat or Email, select Malware, False positive template. Zip the program & password protect the zip file with password “Infected” (no quotes) - add the Zip file & the password to the problem details. Support may request logs, traces & other data, they will guide you. Also, it may help them if you provide images & or a video of the issue. 
  • If selecting Chat option, we recommend you request a copy of the chat transcript, make sure you fill in your email address AFTER the chat is activated by the Chat agent & complete the Verify your email address email AFTER the chat completes.
  • When it’s available, please share the outcome with the Community? 

Thank you🙏

Flood🐳+🐋

 

⚠  Only if you trust the object, to create an exclusion, please try the following:

  • Open KIS, select Settings, select General, select disable Perform recommended actions automatically.
  • Kaspersky will ask you to decide which action to take on detected objects
  • Select for “Quarantine
  • Restore the quarantined object.
  • Create an exclusion rule for the object .
  • Go to KIS, select Settings, select General, select enable Perform recommended actions automatically
  • Reboot, shutdown the computer using Shutdown, not Restart, power on, login, recheck the program? 
Posted

Hello Flood🐳+🐋

First off, thanks for your kind reply. I appreciate that!

  1. All right, got it.
  2. I tried to follow along your steps, but the problem seems to be there still, but it’s not a big deal since I can just start from scratch (the exercises that I’m doing are all quite simple).
  3. Yes, I think reporting it to the developers might be a good solution. I noticed though, that the reason why Kaspersky thought that my application was a trojan was because it was going into stack overflow! But it shouldn’t be Kaspersky’s matter if the application goes into stack overflow since Visual Studio is already letting me know about it.
  4. Thanks.

I’ll let you know, hopefully this will get fixed right off the bath.

 

Alberto

Posted

Hello,

 

they’re going to fix it. A solution should be available by the end of the day.

 

Alberto

Flood and Flood's wife
Posted

Hello,

they’re going to fix it. A solution should be available by the end of the day.

Alberto

Hello @Just_Alberto

That’s brilliant!

Thank you so much for taking the time to let us know🙏

Flood🐳+🐋

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...