fveerden
commented
4 years ago I could not even start the executable, because my virus scanner deleted it.
Closed capoeiraWV closed 4 years ago
fveerden
commented
4 years ago I could not even start the executable, because my virus scanner deleted it.
rcaelers
commented
4 years ago You get this SmartScreen warning because the Workrave installer has not build up sufficient reputation. The more people download and execute the installer, the more reputation it gets. At some point it has established sufficient reputation and the warning will disappear.
The only way to remove this warning from the beginning is by signing the installer with a "EV (Extended Validation) Code Signing Certificate". Such a certificate is 1) expensive ($300+ per year) and 2) Not issued to individuals, only to organizations. So I'm not sure if I can do much about this. I will investigate signing it with a normal certificate. That will at least remove the 'Unknown publisher'.
I uploaded 1.10.42, 1.10.43 and 1.10.44 to VirusTotal, I only get the Trojan.Win32.Inject!O report by 1 virus scanner out of 72, so I think this is a false-positive.
@fveerden: What version of Workrave did you test? And which virus scanner do you use and what virus did it detect?
capoeiraWV
commented
4 years ago Thanx for your explanation, Rob!
Continue the good work! It’s a great tool!
I love that I can replace or add exercises and adapt the duration of the exercises.
I created a set with exercises for tennis-elbow and golf-arm for myself and replaced the original set.
Very basic and nothing fancy, like the original set. And it needs some fine-tuning, but it’s great your tool has this “option”!
Kind regards,
Willem
Van: Rob Caelers [mailto:notifications@github.com] Verzonden: woensdag 20 mei 2020 18:47 Aan: rcaelers/workrave CC: capoeiraWV; Author Onderwerp: Re: [rcaelers/workrave] Error installing Workrave (#198)
You get this SmartScreen warning because the Workrave installer has not build up sufficient reputation. The more people download and execute the installer, the more reputation it gets. At some point it has established sufficient reputation and the warning will disappear.
The only way to remove this warning from the beginning is by signing the installer with a "EV (Extended Validation) Code Signing Certificate". Such a certificate is 1) expensive ($300+ per year) and 2) Not issued to individual, only to organizations. So I'm not sure if I can do much about this. I will investigate signing it with a normal certificate. That will at least remove the 'Unknown publisher'.
I uploaded 1.10.42, 1.10.43 and 1.10.44 to VirusTotal, I only get the Trojan.Win32.Inject!O report by 1 virus scanner out of 72, so I think this is a false-positive.
@fveerden https://github.com/fveerden : What version of Workrave did you test? And which virus scanner do you use and what virus did it detect?
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/rcaelers/workrave/issues/198#issuecomment-631594481 , or unsubscribe https://github.com/notifications/unsubscribe-auth/APUSM6JSJ7ULZIGGUZJ7DH3RSQCR5ANCNFSM4NFC2CFQ .Afbeelding verwijderd door afzender.
fveerden
commented
4 years ago I Tried workrave-win32-v1.10.43.exe. Norton Security names it WS.Reputation.1 (average risk). Tried 1.10.42, and that one is considered save by Norton, but not by Windows 10.
rcaelers
commented
4 years ago WS.Reputation.1 is also a reputation based check. Except this one is not from Microsoft, but from Norton:
"WS.Reputation.1 is a detection for files that have a low reputation score based on analyzing data from Symantec’s community of users and therefore are likely to be security risks. Detections of this type are based on Symantec’s reputation-based security technology. Because this detection is based on a reputation score, it does not represent a specific class of threat like adware or spyware, but instead applies to all threat categories. "
Not much I can do I'm afraid..
I will close this issue and create a new one for signing Workrave.
When double-clicking workrave-win32-v1.10.43.exe to install it on my W10 Enterprise (build 1903) I get this error: Windows protected your PC Microsoft Defender SmartScreen prevented an unrecognised app from starting. Running this app might put your PC at risk. Application: workrave-win32-v1.10.43.exe Publisher: Unknown publisher
I downloaded the file from the formal website: https://workrave.org/download/
I can of course go on and ignore the notification, but as this is my company laptop I prefer to have a clean install, like I had with the old v1.10.1 version.
I also entered it in Virustotal and it got 1 hit (Trojan.Win32.Inject!O), but possibly this is a reaction to the file not being signed. I then downloaded workrave-win32-v1.10.42.exe and it got 2 hits (same as v1.10.43 + Trojan:Win32/Wacatac.C!ml) so I didn't even bother to try installing at as it also had an unsigned installation-file.
I haven't seen any other posts about this issue, so I wonder why I'm the only one and if the issue would be solved if the file would be signed.
If my old v1.10.1 version works fine, is it necessary to upgrade to the new versions? (i.e. because any security issues have been solved or features have been added/improved)?
Thanx for any useful reply/action.