Inno Setup is Flagged as Trojan?
-
I'm getting to packaging for the first time and am attempting to create an installer using Inno Setup.
But the .exe installer is flagged as virus on user system. VirusTotal also flags it 11/77 vendors.
So I thought it was my script. Started removing some lines etc, nothing worked.
In the end I created a completely empty installer using the default script, and that still gets flagged as virus. What gives?
-
@aaronventure Time to pay the cartel and code sign your Windows installers. I used this company - https://signmycode.com/
-
Or don't give in to the code sign mafia and raw dog your installers to your customers like a real man!
-
@aaronventure Have you scanned your computer for viruses and Malware?
Maybe there is some contamination to the installers.
Normally it doesn’t happen frequently and passes 99.9% of the computers, if the installer is clean.
-
Tried it in a sandbox, same thing.
Again, I just click through the wizard and create an empty installer with no files of my own, I even set the flag that it doesn't contain an .exe file.
Same flags pop up when I upload the file to Virus Total.
On my laptop (Win10), it won't even compile, it stops the Inno compilation saying it's detected a virus.
Inno 6.2.2. Can anyone check, if you're on windows? Download Inno 6.2.2, just run through the script wizard, don't even change any names, don't include any files.
-
@aaronventure If you search innosetup false positive in your favourite search engine you will see this a lot. They want your money to make the nasty warning go away.
:money-mouth_face:
-
@d-healey I've read through all the threads on stackoverflow, yeah.
Well, if I sign it with Limelighter, the number of flags goes down from 17 to 7, one of them still being Microsoft.
-
I'm looking into this tonight. I have the EV certificates, and for some reason NORTON hates my installers. Specifically, the files created for uninstallation.
-
@Dan-Korneff tried InstallForge, now my main computer also detects that setup as a virus, and it's flagged 11/72 on VirusTotal.
That custom HISE installer idea looking better and better with every moment...
-
@aaronventure said in Inno Setup is Flagged as Trojan?:
custom HISE installer idea looking better
But the user still has to install the installer
-
@d-healey do they? I tried exporting a standalone exe and it scans fine.
Is there a reason distributing that wouldn't work?
-
@aaronventure I supply just a standalone and don't have any issues, other than permissions issues (unrelated to virus scanning)
-
@DanH right then, a standalone app that will do the simple installation of samples + vst3.
I imagine the mac version still needs to be notarized
-
@aaronventure for Mac I put the app in a DMG file, and notarise the DMG. The app needs to be codesigned obviously
I use DMG Canvas
-
@aaronventure I'm not 100% sure, but I think that any binary that you compile on your system is automatically considered trustworthy on your system (that's at least how it works on macOS).
But there are other reasons that might flag a Innosetup installer:
- requires admin access for copying files to places which wouldn't be accessible
- writes something into the registry to be listed in the "Uninstall App" window of System control
- tries to write files somewhere (this is a more suspicious activity than rendering audio)
I don't think any kind of custom-made installer will fix that problem. But are you sure that's a problem at all? You wouldn't be the first person that distributes an app with InnoSetup and the others seem to be fine.
-
@DanH do you need to do that for the vst3 or au as well?
-
@aaronventure codesign? Of course :)
-
@Christoph-Hart Yup my InnoSetup installers only very occasionally get flagged on a users system (I suspect more than I know because users are used to this and simply install them anyway), so I would send some out to beta testers and see what happens @aaronventure
-
@DanH There's also browsers which have their own system for flagging suspicious binaries and preventing the user downloading them.
-
@d-healey haven't had any issues with those thus far far :crossed_fingers: