I'm a developer, and earlier today when I tested one of my applications Norton SONAR detected it as a high risk threat. I do not know what make SNOAR think this is a virus, and I would really like to figure it out. Is there a way to see what made SONAR think this is a virus? Something like "tcp listening" or "killing application".

A little information about the application:

It is a service. Before installing it as a service, Norton 360 reports it as clean. When installing it as a service and pressing start, SONAR report it as a high threat virus and ask me to restart my computer so it can be removed. I have no idea where to start changing, since there is about 1000 lines of code.

I am running Norton 360 5.1.0.29 if that is important for you.

I can assure you that it is not a malware. It is an anti-cheating system for a game that already exists. I can change the IP the game connects to, and I know the port. Therefore I can change the IP of the game to localhost, and run a routing application on my computer. If the user should turn off the anti-cheat service, the game would also stop working. Other than routing traffic, it will look for known tools like Cheat Engine. If it should be necessary I can upload the application to the forum (?). Since the tool is still under development, applying it to the false positive form is not an option. I just want to know which part of the application that produces this warning. No one would like to run an anti-cheat system where they must disable the user’s antivirus.

Hello again mamk.

Maybe someone here will give you advice on what to avoid but my feeling is that you should produce your program to do what it is supposed to do and then when it works and is ready for use then follow up the false positives thread.

If your problem is SONAR stopping you as a developer you can exclude items from SONAR.  Open 360, select "settings", then "Anti-Virus", then "Scans and Risks", then scroll down to "Items to Exclude from Auto-Protect and SONAR Detection" and configure it to ignore your software.  As you are producing it, this would seem a fairly safe activity.

Hope that helps.

I'm a developer, and earlier today when I tested one of my applications Norton SONAR detected it as a high risk threat. I do not know what make SNOAR think this is a virus, and I would really like to figure it out. Is there a way to see what made SONAR think this is a virus? Something like "tcp listening" or "killing application".

A little information about the application:

It is a service. Before installing it as a service, Norton 360 reports it as clean. When installing it as a service and pressing start, SONAR report it as a high threat virus and ask me to restart my computer so it can be removed. I have no idea where to start changing, since there is about 1000 lines of code.

I am running Norton 360 5.1.0.29 if that is important for you.