.exe compilation looks suspicious

[AmazingMech2418]

Edit by MasterOfTheTiger: Old title ".exe compilation contains virus based on McAfee"

[MasterOfTheTiger]

You beat me to making this issue :P. I noticed this when installing it on my grandma’s computer. I could not even get it to install. I don’t know how to fix it. Do you have any ideas?

[MasterOfTheTiger]

I could not find anything on McAfee's website that would help us. I could not even find an email address that would help.

[ed6767]

See https://kc.mcafee.com/corporate/index?page=content&id=KB85567

[MasterOfTheTiger]

@edxtech Thanks! I will look into it.

EDIT: This does not seem to be the right answer. It talks about business and login to an account...

[ed6767]

It's the same email for both, I think..?

[MasterOfTheTiger]

I don't have McAfee, so I can't login or anything. We need to find an email.

[ed6767]

I did a Scan, McAffee does say it is vulnerable software. due to it running an older, more vulnerable version of electron. I guess you need to check out this: https://github.com/electron/electron/blob/master/docs/tutorial/security.md

[MasterOfTheTiger]

I guess I can see about updating it. It should not be hard at all. Hopefully that fixes it.

[MasterOfTheTiger]

I set the new version of Electron to 1.8.4 (the newest besides the 2.0.0 betas). Can someone make an exe file and test it?

[MasterOfTheTiger]

Here are some of the things I have run into when downloading and installing the .exe:

1. Chrome says that it has not been downloaded often and could be dangerous
2. Windows asks you if you are sure you want to run the file because it looks suspicious.
3. If you are using McAfee then shortly after you install it a notice from then will pop up saying that the file looks malicious and has been quarantined

[ed6767]

This is the same with any file. They are reported as suspicious until they have been downloaded and ran enough times.

[MasterOfTheTiger]

@edxtech So we make a bot that downloads it over and over and over again. Great idea.

So, what do we actually do about it?

[MasterOfTheTiger]

I checked it out on virustotal.com and only one antivirus tripped up on it, and it was not McAfee.

[MasterOfTheTiger]

Confirmed for version 0.2.0 and over.

[MasterOfTheTiger]

I think the best way to fix this is to sign the code. It is expensive, but when this project gets bigger, we will need it.

[MasterOfTheTiger]

Any news on this @amazinigmech2418?

[AmazingMech2418]

No news currently. I haven't actually had much time to work on this lately.

[MasterOfTheTiger]

No news currently. I haven't actually had much time to work on this lately.

I know, but would you mind re-testing this with Heb12 Desktop 0.3.0?

[AmazingMech2418]

All good!

[MasterOfTheTiger]

@amazinigmech2418 Do you think we can close it then?

[AmazingMech2418]

I think so.