Reputation: 46361
"This file contained a virus and was deleted" on an executable I built (and code-signed)
I have built a Windows executable (with MSVC++) requiring administrator privilege to run (it indexes files) ; I even code-signed it with a code-signing certificate I bought.
It works well on Win7, Win8, but on Windows 10, if I download the file from the browser, then I get this message from IE/Edge:
This file contained a virus and was deleted
and it's nearly impossible for a (non power-user) user to have access to the ZIP, extract it, and run the .exe. (It's very complicated to find the right quarantine place, and remove it from quarantine, etc.; and also it's non-ok for a commercial product)
It's clearly a false positive (I have no virus, and I checked it with many antivirus, and https://www.virustotal.com).
What solution is there? (I thought I had tried all I can do by even code-signing it with a certificate from a well-known CA)
Upvotes: 3
Views: 2194
Answers (2)
Reputation:
First of all, I'd suggest you to check if you've enabled "Real-Time Protection" and the other settings in the Windows Defender settings. Windows 10 is running almost every file through it before it gets executed (this feature is called SmartScreen and included in RealTime-Protection), so maybe that is what causes it.
If it happens even earlier, whilst downloading, then chances are that this is in your IE/Edge Settings. Unfortunately I am not aware where these settings are exactly (feel free to edit this answer if you know where they are), so I can't help you with that one.
If everything else fails, try switching to a different browser. I'm using Brave myself. It's a modified version of Chrome with a few additional features, but the choice is yours. Just make sure to disable the download protection in the settings as well. A quick browse through your privacy settings should usually allow you to change these settings.
Upvotes: 1
Reputation: 3968
The file was detected by Windows Defender as a file system indexer. All these files could be considered as a threat. You should report your file as safe to Microsoft.
Upvotes: 7
Related Questions
- How come my code causes my antivirus software to prevent it from running the executable?
- External file write is triggering anti virus pop up
- My executable file in the visual studio code is being deleted by McAfee automatically saying it detected a virus in it
- mcAfee antivirus immediately delete the .exe file when we run our program in VS Code
- How can I make my executable considered trustworthy by Windows and common Antivirus applications?
- False virus/trojan alert on fresh created C# .exe file when downloaded from a website
- How to prevent my .exe to be recognized as malware?
- Can signing executables prevent antivirus quarantining?
- Anitvirus says my program is suspicious
- Digitally signed executable being blocked when downloaded in Internet Explorer