Antivirus False Positives

What is happening?

When you build your new launcher from GLCV3, you may see that some “antivirus” products raise flags about your newly built launcher.

There’s two reasons for this. Firstly, because it’s a brand new executable file and hackers and virus/trojan developers use executable files to put malicious code onto user’s computers. And secondly, because a lot of these “antivirus products” like to flag pretty much anything so it looks like they’re doing their job.

Let’s expand on this. So it’s not all bad, it’s 50/50. Obviously some of the top ranked antivirus software have a duty to see a new executable that nobody has ever used before and automatically become suspicious. This is normal behaviour in the world of antivirus technology and we have some steps below for you to remedy this.

On the flip side, some “antivirus software” (yet we put that lightly) maliciously do this to developers because they want their small userbases to think that it’s doing a “good job” of detecting “malicious” software on their computer.

Windows SmartScreen by default, will frown upon ANY new file being run on users computers until around 40-50 people have downloaded and installed it.

Either way, this is called a False Positive. This is out of our hands, out of your hands and out of our control. We have no control over third party software. Below we have some information on how you can protect your launcher.

False Positives

False Positives are the bane of developers lives. They can cause havoc with newly developed (and even established) software applications, executables and installers.

For the reasons above, False Positives are just that, a positive detection that is “false”. It’s not true, there is no malicious code, but some of the top ranked antivirus products don’t exactly know this for sure. There maybe a similar code routine used in a previous attempt or anything of that nature.

Due to the nature of how these algorithms work, it’s expected that false positive hits will occur and they do, quite frequently. Below is some more info on how these work and some tips on how you can speed up the process.

How can I stop it?

There’s the long way and the short way you can stop this.

Basically, because your launcher is a brand new executable file with no history, some AV products frown upon it instantly. They just take an instant disliking to it.

You should continue on with your development and distribution of your launcher no matter what. As soon as you put it as a link on your website for them to download, after around 20-30 people have downloaded it (roughly, it could take more or less) and they mark it as “safe” on their computer, the warnings will start to fade away until eventually, nothing at all. This is the long route.

If it’s causing an issue where the user cannot even download it, then you should submit your Launcher (and all files) directly to each Antivirus that is flagging it.

You can do this by Googling for each one. For example, if you Google “Avast Submit False Positive” you get a link like this. Here you can fill out a quick form, zip up your files and send them directly to the Antivirus company in question and they will analyse it themselves and “de-flag” it once they realise it is not a virus.

You can do this with all the antivirus software. If you cannot find a false positive report form for them, email them directly. You should also get all your users to do this to speed it up even quicker.

The short route is, to digitally sign your files. There’s two ways you can do this, you can get your own digital code-signing certificate or you can use ours. We have more information on this here. Even still, a code-signing certificate is not a “quick fix” for all solutions. You may still get false positives, however, based on experience, code-signing your launchers rapidly gets it de-flagged and trusted with the protection softwares out there.

Why don’t we code sign the launcher runtime for our users?

Because by law, we can’t. The “end product” when you create your own launcher, is yours. Not ours.

Our code-signing certificate covers liability for our software executables and dlls, not yours.

We pay a lot of money every year for our code-signing certificates and we cannot jeopardize our certificate with thousands of users worldwide who could potentially create a launcher with malicious intent for user’s computers.

We offer this as a service because we know our runtimes are safe and you sign a contract with us, plus we analyse your files before certification to ensure they are safe.

If you are looking into code-signing, click here.

126 views

Customer Login

If you are a product customer and want to access the private support forum sections and other resources here, login with your Store account.