VirusTotal says the 32-bit executables contain malicious code, this is most certainly a false positive but I'm very paranoid about viruses so I need someone to reassure me.
CricetoYT opened this issue · 2 comments
help
Hello,
Yes, this is a false positive. It's good that you care about health of your computer. However, all AV solutions are less and less reliable as real malware becomes more and more difficult to detect. AV vendors often use fancy words like "heuristic analysis", but it's actually just guessing.
The launcher has a few things that might seem suspicious and trigger these annoying warnings. First of all, the executables are small. I'm a perfectionist, so if there's something that shouldn't be there, then it won't be there. This is just a Crysis launcher and nothing else. It can be pretty small. Second, the launcher uses a few unusual Windows functions. For example, VirtualProtect, which is needed to patch Crysis DLLs loaded in memory. This alone might look like a virus activity, but it's completely legit in this case. There's no other way because Crysis source code is not available. Last but not least, the executables are not digitally signed. This is probably the biggest issue nowadays. I think what might happen in the future is that every unsigned executable will be treated as a virus. The problem is that you need quite expensive code signing certificate trusted by Microsoft to be able to digitally sign your application. You also have to provide your personal info to the certificate authority (CA). Moreover, extended validation (EV) certificates providing more trust and less virus warnings are available to companies only, so individual developers cannot get them. Not to mention they are even more expensive. Developing anything for Windows is a pain already.
Anyway, thanks for the report. I'll try to get a trusted code signing certificate and sign the next release of the launcher. It should make these stupid virus warnings less likely to occur.
Fixed in v3 - all released executables are now digitally signed.