"Why is the program flagged by antivirus?"

This is a false positive. Any high-quality private software designed to bypass anti-cheats uses techniques that antiviruses flag as suspicious - simply because these are the same techniques used by actual malware.

An antivirus alert is a sign that the software is operating at a low system level. This is a necessary requirement for bypassing modern anti-cheats.

No. Private software that doesn't trigger an antivirus either lacks necessary low-level operations (likely failing against serious anti-cheats) or is already in the anti-cheat's signature database.

Yes, this is absolutely normal. Look at the names of the detections:

  • W64/Themida.WN

  • Win64/Packed.Themida.Q

  • Suspicious App

  • Generic.Packed

  • Unsafe

These are not detections of a specific virus - they are detections of the Themida protector used to shield the code. Themida is legal, commercial software used to protect programs from reverse engineering. Antiviruses detect the fact that the file is packed, rather than any malicious code inside.

The paradox is that actual viruses usually have 0–5 detections on VirusTotal, not 40.

Why? Because malware developers:

  • Specifically test their files on VT before distribution.

  • Use private crypters tailored to bypass detections.

  • Constantly re-crypt files as soon as detections appear.

We, however, use Themida - a public commercial protector known to all antivirus engines. We don't need to hide from antiviruses; we need to protect the code from analysis by anti-cheats. These are different tasks.

Conclusion: A high detection count on VT with labels like "Themida/Packed/Suspicious" is actually a sign of legitimate protected software, not a virus.
