Closed adiabatic closed 8 months ago
This is a false positive as far as I can tell. I'll see if I can do something to clear this up.
Can you remember what version you were upgrading from (to 1.17.5, I assume)?
One thing to try is uninstalling the app and reinstalling it, or seeing if Windows is happier with the "portable" ZIP version of Lagrange.
I think it was 1.17.3. I definitely remember that I wasn't upgrading from the obvious immediate predecessor (1.17.4).
Around that time (1.17.3) I switched the code signing certificate that I sign the app with on Windows. Perhaps that contributed to this?
You should be able to verify in the file properties that both the lagrange.exe and the uninstaller exe have a valid signature by "Open Source Developer, Jaakko Keränen".
The code-signing certificates seem as you describe them, although I haven't looked at all the fine print:
Is there anything else I can peek at on my end to help figure out if this is a real or false positive? My Windows machine is usually off, and I don't do general web browsing on it. Mostly I just turn it on to let it update itself, its Steam games, and bask in the calmness of a computer that isn't set up to do much.
This happened to me as well when I updated Lagrange; it's certainly something with Lagrange and not with your computer.
The code-signing certificates seem as you describe them, although I haven't looked at all the fine print:
Is there anything else I can peek at on my end to help figure out if this is a real or false positive? My Windows machine is usually off, and I don't do general web browsing on it. Mostly I just turn it on to let it update itself, its Steam games, and bask in the calmness of a computer that isn't set up to do much.
Is there anything else I can peek at on my end to help figure out if this is a real or false positive?
You could try a different antivirus scanner for a second opinion?
Microsoft seems to have a way for developers to submit software for analyzing false positives, but when I last tried to access the page, the service was down.
On my end, I will update a few of the 3rd party components like the Inno Setup installer and the WinSparkle autoupdater, maybe that will divert whatever detection heuristic is failing here. Another possibility is submitting to the app to the Windows app store for distribution, since that is probably more trusted by the system.
I've released v1.17.6. Please let me know if the new build is still being reported. As mentioned above, this one uses new versions of Inno Setup and WinSparkle.
This appears to be resolved now. I had the same trojan warning on the previous version but no warnings on 1.17.6.
No warnings on 1.17.6, here.
Calling this resolved, then.
I updated Lagrange with the in-app updater and, shortly afterwards, got this:
Is everything OK?