Author Topic: Portable EXE is flagged as malware by Google Chrome  (Read 2098 times)
Offline (Unknown gender) sorlok_reaves
Posted on: August 04, 2014, 09:12:14 PM
Contributor
Joined: Dec 2013
Posts: 261

Just FYI:
Offline (Male) Josh @ Dreamland
Reply #1 Posted on: August 04, 2014, 09:32:36 PM

Prince of all Goldfish
Developer
Location: Pittsburgh, PA, USA
Joined: Feb 2008
Posts: 2958

Many programs flag self-extracting zips as malicious. That zip was supposed to be a temporary measure, but alas, installing anything on Windows has no better mechanism. Of course, there's always the probability that Robert's managed to catch a virus that hooks his zip program and installs itself.
"That is the single most cryptic piece of code I have ever seen." -Master PobbleWobble
"I disapprove of what you say, but I will defend to the death your right to say it." -Evelyn Beatrice Hall, Friends of Voltaire
Offline (Unknown gender) sorlok_reaves
Reply #2 Posted on: August 04, 2014, 09:41:13 PM
Contributor
Joined: Dec 2013
Posts: 261

What about just uploading a zip (in addition to the EXE)? Many people are comfortable just downloading->extracting.
Offline (Male) Josh @ Dreamland
Reply #3 Posted on: August 04, 2014, 09:59:18 PM

Prince of all Goldfish
Developer
Location: Pittsburgh, PA, USA
Joined: Feb 2008
Posts: 2958

I think at this point Robert has the packaging process down to a science, but uploads are still a pain for him because he's on FiOS or something nasty. What we really need is a script that does the packaging for him. It'd be pretty easy to set up a cron job or web form on this site to run it. I have no idea what he does to package these zips, though, and I think it involves interfacing with Eclipse.
Offline (Unknown gender) Darkstar2
Reply #4 Posted on: August 05, 2014, 01:07:14 AM
Member
Joined: Jan 2014
Posts: 1244

I have the latest and up to date AVIRA Premium and MalwareBytes Pro, and the portable checks just fine (by portable I mean the one on the site dated 7/28). So I always relied on those 2 trusted programs. You probably have a false negative as a result of heuristics scanning that is tripped by some of the characteristics of the self extraction/decompression/decrypter.

If people get false positives they should submit the sample to whatever shit they are using so it can get unflagged.

Cheers
Offline (Unknown gender) sorlok_reaves
Reply #5 Posted on: August 05, 2014, 10:25:18 AM
Contributor
Joined: Dec 2013
Posts: 261

In this case, it is just flagged by Chrome (so, I assume, by Google).
Offline (Male) Goombert
Reply #6 Posted on: August 05, 2014, 09:45:21 PM

Developer
Location: Cappuccino, CA
Joined: Jan 2013
Posts: 3110

Quote
Of course, there's always the probability that Robert's managed to catch a virus that hooks his zip program and installs itself.
Actually, I am not the one that uploaded the last Portable, so if it has a virus it is not me.

Quote
I think at this point Robert has the packaging process down to a science, but uploads are still a pain for him because he's on FiOS or something nasty.
Yup, this is also why we don't have a 64 bit release, I would do it if I could.

Quote
What we really need is a script that does the packaging for him.
All it has to do is update enigma.jar, lateralgm.jar, and pull any libraries that we add or want to remove, and it should update the fork of enigma-dev. The following would also be beneficial.

* If people would install git-bash on their own and have it removed from the ZIP
* If people could install mingw on their own and have it removed from the ZIP, which is impossible because they fuck so many things up.

I think it was Leonardo da Vinci who once said something along the lines of "If you build the robots, they will make games." or something to that effect.

Offline (Unknown gender) daz
Reply #7 Posted on: August 05, 2014, 11:16:21 PM
Contributor
Joined: Jul 2010
Posts: 167

The self-extracting installer from 7/1 was also flagged as malicious for me in Chrome (which Robert had packaged). I packaged the latest version, but I also used a 7zip self-extracting exe and it is also flagged. The solution is to download from another browser, or change the setting in Chrome. Or of course we could package as .7z or .zip.

I have a spare Linux server I could set up to automatically update a Windows .7z and .zip if there was enough interest. Otherwise I could just do the same manual packaging every week or two.
Offline (Unknown gender) sorlok_reaves
Reply #8 Posted on: August 05, 2014, 11:29:51 PM
Contributor
Joined: Dec 2013
Posts: 261

It's not really an issue for me, since I generally need to build from source anyway. I was just reporting it because a lot of people won't consider using something if it's "flagged", whatever that means.