spwolf

Issue solved by rickard67 here: https://github.com/RRUZ/vcl-styles-utils/issues/242

Usual false positive is not really a problem, since you can report it to every AV company, even Chinese ones, and they will clear it fast... plus they take 2-3% of the market and only block exe installation or in our case, a file in installation every 3 years. It is not a big deal, there are rules how to handle it and it gets fixed. Google blocks 75% of your internet users when it flags you and there is no way to find out why or to report it to anyone. There is simply no way to talk to anyone, and all of these cases I heard over the weekend are old school reputable companies that have been developing software for 10+ years, have thousands or hundreds of thousands customers and have great standing in the community and with AV vendors. They added some new functionality to block malware last week and did not even consider that it would affect legitimate software vendors nor build a way to report issues with it.

We at PowerArchiver got hit thursday afternoon. At first, google search console did not show much info, so we were not sure what was happening, but soon after all of our pages and downloads were blocked via Chrome and Firefox for most users. I know Beyond Compare was hit as well, and one of their installers is still tagged. From little we can find out by our own analysis: - Might be based on bad heuristics that is tagging many Inno Setups - Only 2 inno setup based installers were tagged, 7-8 others on same page were not including Inno and MSI. One of them was portable installer that just copied either x86 or x64 files to your folder. So it cant be doing anything smart to analyze installers. - Certificate was fine. We contacted Digicert, they told us certificate is valid, no complains and they even re-issued a new one. - By morning next day, every file signed by our certificate was blocked by Chrome and Firefox as dangerous, no matter what it was. - We deleted executables specified in our search console report and put up MSI based installer - Review passed after that (took 10 hrs) - At the same time we tried personal connections to many people at Chrome and Google security team. Might have helped as well as our previous installers were not tagged anymore. But it is a weekend, and we have not received any feedback directly. In this new world when company controlling 75% of the Internet can block software vendors with over 20 years of business experience and trusted publisher by all Antivirus companies with whitelisting service setup, and give you no way to even complain about "unwanted software" or explain the problems, we are now afraid to use anything open source that can be misused by someone else, such as Inno Setup or Nullsoft Installer. We are looking to switch to only commercial MSI based installer but there are features we need: 1. Bundle x86 and x64 in same bootstrapper. (MSI by default cant) 2. Multiple language support for bootstrapper (MSI by default cant) We used to use AI exclusively, and it is great looking with advanced boot strapper but we have had issues that users reported that could never be reproduced by us and AI team, which lead to us to start using much simpler Inno Setup. Anyone has any suggestions with something they deployed to 100,000 of users with above features? I know InstallAware has those, but it does not look too professional. Installshield Express might be safe bet, but not sure if it has all the features? Thanks!