App security

[Adit Gadkary]

Hey guys i am a fresher in c# coding and i have made my own browser for basic browsing , so i have people telling me that thier antivirus is blocking my browser for some unknown reasons , even Microsoft edge also blacks it , i don't have any idea why it happens even if i am not spying or its not even a malware still . Is there any way to avoid so ? Am I missing something here ? I pack the installation into a installer using actual installer . Pls guide me .

 

 

Regards Adit 

[Srijan Verma]

I am not 100% sure on this,

it is probably because the application is form an untrusted source, i.e. windows/anitvirus software does not know where the software came from/who made the software hence it tags it as malware/ prevents it from executing.

As for how to solve this,
You may want to look into "signing" you software using a digital signature.You can see how to sign here: https://learn.microsoft.com/en-us/windows/win32/appxpkg/how-to-sign-a-package-using-signtool

[manikyath]

52 minutes ago, Srijan Verma said:

You may want to look into "signing" you software using a digital signature.You can see how to sign here: https://learn.microsoft.com/en-us/windows/win32/appxpkg/how-to-sign-a-package-using-signtool

probably this is part of the problem.

1 hour ago, Adit Gadkary said:

I pack the installation into a installer using actual installer

this probably isnt helping either.

 

and on top of that, an application that wasnt used by many people raises the threat level a bit too.

on that note.. microsoft's security stuff all works with "threat level" - there's a bunch of variables, and it's basicly a sum that if the result is above a treshold, it protects itself.

[Adit Gadkary]

On 1/27/2023 at 3:30 PM, manikyath said:

probably this is part of the problem.

this probably isnt helping either.

 

and on top of that, an application that wasnt used by many people raises the threat level a bit too.

on that note.. microsoft's security stuff all works with "threat level" - there's a bunch of variables, and it's basicly a sum that if the result is above a treshold, it protects itself.

Yeah i guess , because there is no warning or any suspicious thing when installed so i guess the root of the issue is actual installer. 

[Adit Gadkary]

On 1/29/2023 at 12:20 AM, Adit Gadkary said:

Yeah i guess , because there is no warning or any suspicious thing when installed so i guess the root of the issue is actual installer. 

So is there any way or any other app to do so ? 

[Franck]

On 1/27/2023 at 3:53 AM, Adit Gadkary said:

i have made my own browser

Do you really made your own browser engine or "used" someone usercontrol ?

[Adit Gadkary]

4 hours ago, Franck said:

Do you really made your own browser engine or "used" someone usercontrol ?

I used chromium framework 

[Franck]

7 minutes ago, Adit Gadkary said:

I used chromium framework 

Ok so it's not implementation the issue. Your problem is definitively the firewall. Be it the OS firewall or the one baked in various Anti-Virus software. If you have an installer and do not replace your executable file ever by code and request the correct privilege in the installer you should be green listed and it should work. There are however some picky anti virus that their firewall just do not care and you need to manually change the settings. Typically you ask the user to refer to their it support on how to white list softwares.

 

There is 1 other possibility be it usually very rare that happen from time to time and it's custom gateway setup by it admin that are specific by application name. If you app doesn't have the correct process name it just doesn't get the correct gateway and therefore receive/send no data at all.

[Adit Gadkary]

15 hours ago, Franck said:

Ok so it's not implementation the issue. Your problem is definitively the firewall. Be it the OS firewall or the one baked in various Anti-Virus software. If you have an installer and do not replace your executable file ever by code and request the correct privilege in the installer you should be green listed and it should work. There are however some picky anti virus that their firewall just do not care and you need to manually change the settings. Typically you ask the user to refer to their it support on how to white list softwares.

 

There is 1 other possibility be it usually very rare that happen from time to time and it's custom gateway setup by it admin that are specific by application name. If you app doesn't have the correct process name it just doesn't get the correct gateway and therefore receive/send no data at all.

The issue that happens is if i run my browser directly then it shows as suspicious app , scans it and then false alret, but if i pack it to a installer exe then it shows as a malware or spyware 

[Franck]

3 hours ago, Adit Gadkary said:

The issue that happens is if i run my browser directly then it shows as suspicious app , scans it and then false alret, but if i pack it to a installer exe then it shows as a malware or spyware 

I dont know which installer you are using but it seems to me that you are changing core registry values or anyhow changing settings you shouldn't, or you are changing it in a way that i shouldn't de done.

 

The AV will typically block :

- multi executable installer where your installer contains multiple exe/pif

- installer with network connection during installation

- installer with unconventional registry edit

- installer that is changing directory/file privileges

 

It will however allow these if you use a trusted installer and use the conventional way to do things.

For multi-exe you just need a signed package, the others your need to use the default tool part of the installer for example installshield has them and is a trusted installer