Resonic and Virus Scanners

Resonic is clean, but some niche virus scanners always feel like reporting it as malicious, no matter what we do. Here's what you need to know.

Introduction

All builds and releases of Resonic Player and Resonic Pro are double-checked prior to release, and are digitally signed as proof of origin and integrity:

  • Executable and library files (.exe and .dll) are signed using a digital code signing certificate
  • Setup packages (.msi) are signed with the same certificate

While you should take your antivirus (AV) results seriously you should also learn to read the results so you don't instantly fall for false positives:

  • Verify the download sources
  • Check the digital signatures in .exe, .dll, and .msi files
  • Avoid low-quality virus scanners
  • Always look for consistent results across multiple virus scanners

When in doubt you can submit individial files to online virus scanning services like Virus Total or Jotti's to have them checked against a broad range of different virus scanners.

Note that AV scanners can have a serious impact on Resonic's overall performance. To avoid this you can create a folder exclusion.

Your only source for Resonic content should be this website.

See also: Privacy Statement

False Positives

A so-called false positive is when a virus scanner wrongly reports a clean file as being suspicious or infected.

An AV scanner detects a file as packed when it recognizes the file as compressed or encrypted, and when it may not be able to unpack it. Unless this is true for multiple AV scanners and for the same file it does not mean much.

A generic or heuristic detection is merely an educated guess. The file in questions may look “suspicious” to whatever algorithm or “artificial intelligence” is being employed. The metrics used by the AV software are kept secret, and legitimate software developers are left in the dark as to what caused the false positive in the first place. Many false positives fall into this category.

AV scanners these days also assign a “reputation” rating to files they encounter, with unknown files (e.g., a newly released update for Resonic) being less “reputable”. This is often marketed as “cloud protection”, or something to that effect.

AV vendors tend to over-report. For them, reporting a false positive is considered less problematic than reporting a false negative. However, there is no incentive for them to change that. Sadly the reverse is true for any other legitimate software developer.

Digital Signatures

You can Right-Click on .exe, .dll, or .msi files, open Properties, and select the Digital Signatures tab to verify the signature and origin of the file.

When you check our files, or run setup, the publisher should always read Liqube Audio e.U..

If these signatures are absent or broken the file was meddled with.

Slowdowns and Exclusions

Aside from potentially reporting false positives AV scanners can have a serious impact on Resonic's startup speed or generally reduce the application's performance. In extreme cases of bug-ridden AV engines startup might take between 15 and 30 seconds.

Make sure you always update your AV scanner to the latest version.

Adding an Exclusion

To avoid having Resonic reported as a false positive, or to generally improve its performance, you can go to your AV settings and add a so-called folder exclusion for your Resonic installation folder, which usually is C:\Program Files (x86)\Liqube.

Here are some instructions:

We would generally not recommend doing this, but seeing how Resonic is performance-oriented software artificial slow-downs are rather counter-productive.


We put all our time into this project, and our goal is to create something awesome.

We don't want to compromise the relationship with our users and customers.

Resonic is, was, and will always be free of malicious content, or intentions for that matter.

We always have and always will deny offers to bundle ad-ware with our software for monetization. Should you come across any website offering these kind of downloads, please let us know so we can have them taken down.

While we hope this answers your concerns sufficiently you can always get in touch.