Ginj-capture / Ginj

GNU General Public License v3.0

Unauthorized file Encryption #14

Open mvdhel opened 4 years ago

mvdhel commented 4 years ago

Trend Micro found an Unauthorized File Encryption in Ginj_windows-x64_0_3_5.exe

vicnevicne commented 4 years ago

Hmm, that's strange. I'm using the well-known Install4J setup system and maybe they encrypt some parts (their license?) with high-standard encryption... Can you tell me if you work in an environment with enforced security (enterprise or government controlled computer)? It might be that Trend Micro is configured to reject any encrypted part... Regarding viruses at least, I just passed the executable through VirusTotal and nothing bad was reported: https://www.virustotal.com/gui/url/525998a7859db49ea3ea6558a648772ff8c53fc0ddc30d456374f23e994e4387/detection If you cannot bypass the test, tell me and I'll contact the makers of Install4J.

mvdhel commented 4 years ago

The 3.4 worked just fine. I upgraded it to 3.5, then this occurred. This environment is an enterprise-controlled one.

vicnevicne commented 4 years ago

That's even stranger, because nothing really changed between these versions in the installer. I'm afraid I can't do much about it for now except hope that 0.3.6 will not have the issue :-( Note that if you have (or can have) OpenJDK installed, just downloading the .jar and running it with java -jar Ginj.jar should work with no need of the installer stuff...

vicnevicne commented 4 years ago

FWIW I opened a question on StackOverflow about this issue: https://stackoverflow.com/questions/63063087/trend-micro-detects-an-unauthorized-file-encryption-in-install4j-generated-ins

mvdhel commented 4 years ago

Without the installer there are no problems.

vicnevicne commented 4 years ago

Good to know. Thanks for confirming. As you can see on StackOverflow, Install4J support replied that it's a false positive and advised reporting it to Trend Micro. As it was not an issue in 0.3.4, I suggest we wait for 0.3.6 and see if it happens again...

vicnevicne commented 4 years ago

As you may have read in Install4J's answer on StackOverflow, they don't use encryption, so it looks like some bytes were such that Trend Micro decided it looked like encryption... Anyway, I just released v0.3.6 which hopefully does not look the same in Trend Micro's eyes. Can you give it a go?

vicnevicne commented 4 years ago

To be checked also in v0.3.7 ...

mvdhel commented 3 years ago

Did a new install now on version 0.4.4, no problems this time with Trend Micro.

vicnevicne commented 3 years ago

@el3venS1x wrote in issue #32:

I would also like to inform you, friend, that my Windows (8.1) recognizes the .exe file as a dangerous file, as Edge blocked the download "because it could harm your device", and I don't even use Windows Defender.

There are multiple possible causes:

I don't have enough resources to make sure Ginj is approved at each level unfortunately...

But there is a fallback method: install OpenJDK (or have it installed by your IT), then just download the .jar version from the release page, store it in any folder and run it with: java -jar <anyfolder>Ginj.jar (you can create a batch file and run it on demand, or put it in your startup folder to start it on boot if you like).