Virustotal flag 32 bit version of my program as malware

Question

I've run into a very odd thing. I wrote a pretty simple program in C#, and tried to build a 32bit and a 64bit version of it. The 64bit version works fine, but whenever i try to build the 32bit version, my antivirus software removes it. I've uploaded both files to virustotal here:

32 bit: https://virustotal.com/da/file/fdb3d2870ce876b49eb5d9371fc0b133b7657ddd994603777a42a47f3eb09d8b/analysis/1461779525/

64 bit: https://virustotal.com/da/file/83334954cb0baef30153ca8bdfa900b64fef33f1983899c9e54e9156b72df00c/analysis/1461779699/

Why? its completely the same code, and the only difference is that i switched between x64 and x86 before they were build.

Answer 1

You could set your project to AnyCPU after removing the P/Invokes from your code. That way you don't need a x86 and a x64 build.

I don't see anything in your project which looks off, except the use of the following lines:

    [DllImport("psapi.dll")]
    static extern int EmptyWorkingSet(IntPtr hwProc);

    static void MinimizeFootprint()
    {
        EmptyWorkingSet(System.Diagnostics.Process.GetCurrentProcess().Handle);
    }

    ... 

    GC.Collect();
    MinimizeFootprint();

Given your small application there really should be no need to call the Garbage Collector manually and to tweak the workingset. There are known issues with using it .

Instead just clean up your brushes when you're done with them:

private void DrawResistor(PaintEventArgs e)
{
    Graphics g = e.Graphics;
    SolidBrush brs;

    //Første farve
    g.DrawLine(Pens.Black, 130, 35, 130, 109);
    g.DrawLine(Pens.Black, 140, 35, 140, 109);
    using (brs = new SolidBrush(this.Controls.Find(Farver[0], false)[0].BackColor))
    {
        g.FillRectangle(brs, 131, 35, 9, 75);
    }

    //Anden farve
    g.DrawLine(Pens.Black, 160, 44, 160, 100);
    g.DrawLine(Pens.Black, 170, 44, 170, 100);
    using (brs = new SolidBrush(this.Controls.Find(Farver[1], false)[0].BackColor))
    {
        g.FillRectangle(brs, 161, 44, 9, 56);
    }

    //Tredje farve  
    if (comboBox1.SelectedIndex != 0)
    {
        g.DrawLine(Pens.Black, 190, 44, 190, 100);
        g.DrawLine(Pens.Black, 200, 44, 200, 100);
        using (brs = new SolidBrush(this.Controls.Find(Farver[2], false)[0].BackColor))
        {
            g.FillRectangle(brs, 191, 44, 9, 56);
        }
    }

    //Fjerde farve
    g.DrawLine(Pens.Black, 220, 44, 220, 100);
    g.DrawLine(Pens.Black, 230, 44, 230, 100);
    using (brs = new SolidBrush(this.Controls.Find(Farver[3], false)[0].BackColor))
    {
        g.FillRectangle(brs, 221, 44, 9, 56);
    }

    //Femte farve
    g.DrawLine(Pens.Black, 265, 35, 265, 109);
    g.DrawLine(Pens.Black, 280, 35, 280, 109);
    using (brs = new SolidBrush(this.Controls.Find(Farver[4], false)[0].BackColor))
    {
        g.FillRectangle(brs, 266, 35, 14, 75);
    }

    //Sjette farve
    if (comboBox1.SelectedIndex == 2)
    {
        g.DrawLine(Pens.Black, 293, 35, 293, 109);
        g.DrawLine(Pens.Black, 303, 35, 303, 109);
        using (brs = new SolidBrush(this.Controls.Find(Farver[5], false)[0].BackColor))
        {
            g.FillRectangle(brs, 294, 35, 9, 75);
        }
    }
}