Watch, Follow, &
Connect with Us

For forums, blogs and more please visit our
Developer Tools Community.


Welcome, Guest
Guest Settings
Help

Thread: A Windows service, written by me using Delphi XE3, is detected as a virus. Questions.



Permlink Replies: 2 - Last Post: Apr 6, 2018 3:10 AM Last Post By: Matthew Jones
Pablo Romero

Posts: 21
Registered: 9/28/00
A Windows service, written by me using Delphi XE3, is detected as a virus. Questions.
Click to report abuse...   Click to reply to this thread Reply
  Posted: Apr 5, 2018 2:28 PM
Folks:

I have a real problem: many antivirus say that a Windows service,
written by me using Delphi XE3, it's a virus.

I have reviewed everything and I do not have a virus or any source code
infected with viruses.

May be it's a false positive. But in the meantime, the antivirus delete
my Windows service.

My Windows service uses a port that must be opened in the Windows
Firewall: port 81. Through that port, it connects sometimes with my
webservice, made in Delphi XE3 too.

It's an IIS webservice that listens on its port 81, too.

The webservices is used for information purposes and updates another
software made by me.

The traffic is done with XML SOAP packages and the ports are normal
ports. The service uses the webservice WSDL it and sends/receives
compressed files with the Delphi Lockbox package.

All it's working...until lot of antivirus block it. Some clever users go
to the antivirus configuration and work with the
exclutions/exceptions...but some users don't. For them, I'm a virus creator.

Is there any way, at the design level, to avoid this problem? SSH? SSL?
Other ports?

Any ideas?

Regards.

Pablo Romero
Cordoba, Argentina
Remy Lebeau (Te...


Posts: 9,447
Registered: 12/23/01
Re: A Windows service, written by me using Delphi XE3, is detected as a virus. Questions.
Click to report abuse...   Click to reply to this thread Reply
  Posted: Apr 5, 2018 3:03 PM   in response to: Pablo Romero in response to: Pablo Romero
Pablo Romero wrote:

I have a real problem: many antivirus say that a Windows service,
written by me using Delphi XE3, it's a virus.

Many anti-viruses can report false positives. That goes double for
Delphi apps, because many viruses are written in Delphi, and sometimes
anti-viruses trigger off of known code bytes that actually belong to
the Delphi RTL.

I have reviewed everything and I do not have a virus or any source
code infected with viruses.

If you know your EXE is not infected (you have checked it with multiple
anti-viruses, especially online ones), then just ignore the warning,
configure an exception in your anti-virus to ignore your service
(and/or your development environment), and report the issue to the your
anti-virus vendor.

Is there any way, at the design level, to avoid this problem?

Nope.

SSH? SSL? Other ports?

This issue has nothing whatsoever to do with the ports you use or how
you connect your service to your webservice.

--
Remy Lebeau (TeamB)
Matthew Jones

Posts: 337
Registered: 1/25/98
Re: A Windows service, written by me using Delphi XE3, is detected as a virus. Questions.
Click to report abuse...   Click to reply to this thread Reply
  Posted: Apr 6, 2018 3:10 AM   in response to: Remy Lebeau (Te... in response to: Remy Lebeau (Te...
Remy Lebeau (TeamB) wrote:

and report the issue to the your
anti-virus vendor.

When I used to have this problem, AVG were very good and provided me with a special FTP account to upload new versions to. However, when they changed to certificate acceptance, they didn't need to because my code signing made all updates legitimate, so that's the first step I'd take here - be sure to code sign the service exe.
Legend
Helpful Answer (5 pts)
Correct Answer (10 pts)

Server Response from: ETNAJIVE02