Reputation: 799
Delphi exe using Indy will be taken as Virus?
I am using Delphi XE3 with its built-in Indy.
I find whenever I build a project which uses Indy IdHTTP component, then Kaspersky will take the built .EXE file as infected a virus called HEUR:Trojan.Win32.Agent.gen.
I think this is a false positive so I report this to Kaspersky, but several weeks passed, no one answers.
Has anyone else encounter such a problem?
Thanks
Upvotes: -1
Views: 1622
Answers (2)
Reputation: 88
I've encountered this recently and aside from the tips given by others, it might help if you choose a different target. 32-bit Delphi apps are prone to encountering false positives but 64-bit Delphi apps are less so.
Upvotes: 1
Reputation: 8088
Specific answer to your question - yes, this sometimes happens.
The best work around is to digitally sign your executables. Microsoft and AV companies typically look favorably at properly signed executables.
Otherwise, you can report this false-positive to Kaspersky and they may eventually correct it. But, it will occur randomly in the future from Kaspersky or any other anti-malware solution.
Some related links:
- Signing a Windows EXE file
- https://www.digicert.com/code-signing/signcode-signtool-command-line.htm
- For most impact, get an Extended Validation (EV) code signing cert: https://www.digicert.com/code-signing/ev-code-signing/
Note from the vault: You can also try changing the user-agent on your HTTP-post. This worked many years ago as a workaround.
Upvotes: 4
Related Questions
- Indy 10 for Delphi 7
- Virus in Delphi 7
- Antivirus False positive in my executable
- Can I use Indy10 as-is, without installing a package
- Can I install Indy for delphi xe6?
- Files built with Delphi 2010 report virus/trojan
- Delphi7 created exe on intel galileo windows
- Indy 10 with Delphi 2006: Workable? Drop in for an Indy 9 app?
- Delphi with indy
- Why is Indy 9 included with Delphi 2009? Is it safe to use?