[giancarlostoro]

I'm not a malware developer but you can tell an AntiVirus not to scan a specific directory so that could of been completely avoided. You can also tell an antivirus what not to send over to the AV developers / company as far as I remember. I stopped using antiviruses years back, but I remember this from when I would download cheating tools I would define a folder for those tools, some of which I had the source code to but they were all flagged as potential malware.

I always setup my AV software to ask me before it does any thing whatsoever. I don't trust most software, I'm not about to start trusting my AV not to randomly send proprietary software over to their homebase.

[inetknght]

I'll cut you some slack because you stated you're not a malware developer. But even if you're a normal developer, you should know that telling software to do something does not mean that the software will do that something. When the software in question is subject to being controlled by adversaries, all guarantees go out of the window.

[aswanson]

Yeah. I facepalmed at that assumption as well. It's as naive as a parent telling an 18 year old not to have friends over while they go on vacation for 2 weeks and thinking its all good from there.

[giancarlostoro]

You're saying nobody would be able to test if, when and what an Antivirus program is sending over the internet? If it all of a sudden is uploading enough data over to some server vs downloading (for updates) it's kind of a tall tale sign that it's phoning home with files. I don't use AV software anymore since I'm mostly on Linux, if I'm on Windows it's dedicated to Windows based programming, all my browsing is isolated usually.

You can go as far as finding the amount of data software is sending over the wire through the Task Manager -> Performance -> Resource Monitor. And to say an AntiVirus can hide this would mean it shouldn't be trusted whatsoever if it behaves like malware. The type of reputation any sane A/V company does not want to fall under.