I'm having users report that their antivirus is blacklisting my software that I've packaged with InstallForge and after putting it up on VirusTotal I'm personally concerned about some things:
Code: Select all
- Checks if the current process is being debugged
- AV process strings found (often used to terminate AV products)
- May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)