I am using a tool .NET Reactor from http://www.eziriz.com to obfuscate my .NET EXE application.
When trying to run my application after obfuscate Symantec recognize my application that it is infected with Bloodhound.Sonar.9 where there is no Virus in my application.
How to solve this problem please?
Bloodhound.Sonar.9 is a heuristic detection for processes based on certain attributes.
Files that are detected as Bloodhound.Sonar.9 may be malicious. We suggest that you submit any such files to Symantec Security Response. For instructions on how to do this using Scan and Deliver, read Submit Virus Samples.
Submitting suspicious files to Symantec allows us to ensure that our protection capabilities keep up with the ever-changing threat landscape. Submitted files are analyzed by Symantec Security Response and, where necessary, updated definitions are immediately distributed through LiveUpdate™ to all Symantec end points. This ensures that other computers nearby are protected from attack. The following resources may help in identifying suspicious files for submission to Symantec.
Hope that helps!!
It's a probably false positive.
Best Practice when Symantec Endpoint Protection or Symantec AntiVirus is Detecting a File that is Believed to be Safe
Restoring a false positive file detection from the Symantec Endpoint Protection quarantine
About managing false positives detected by TruScan proactive threat scans
I would also recommend you to submit the Files to the Symantec Security Response Team.
You would have to Submit the Files to the Symantec Response Team on the Following Sites:
Note: ThreatExpert is owned by Symantec.
Check technical details as well:
You can add it as an exception:
Open the GUI
Exceptions >> Click Configure Settings
Adding as Exceptions is not an option as my application is going to be published to all of my customers.
What about adding a global exception for all users?
If not, you will need to follow the links provided above.