Menu

#192 Antivirus False Positives

3.x
open
nobody
None
4
2018-09-16
2018-08-09
Uwe Mock
No

I sometimes receive reports that some protection software complains about my L4J wrapped JAR containing a virus or trojan. At the moment, I receive the following reports:

McAfee-GW-Edition: BehavesLike Win32 Suspicious-JARE.wc
Microsoft: Trojan:Win32/Vigorf.A

Is there a way to get around such reports? Some kind of signature maybe? Or having the L4J wrapper whitelisted?

Discussion

  • Markus Gothe

    Markus Gothe - 2018-08-09

    Codesigning, but as I pointed out earlier today; fixing the checksum might

     

  • Uwe Mock

    Uwe Mock - 2018-08-10

    How would codesigning work? Can you give me a link?

     

  • Uwe Mock

    Uwe Mock - 2018-08-10

    As far as I understand this thing, you need Microsoft Windows in order to run this. I don't have this software. And as I'm running Jenkins on ARM, a solution for that architecture would be nice.

     

    Last edit: Uwe Mock 2018-08-10

  • Dyorgio

    Dyorgio - 2018-09-12

    You don't need a windows machine, just use this maven plugin:

    <plugin>
   <groupId>de.tolina.maven.plugins</groupId>
  <artifactId>jsign-maven-plugin</artifactId>
  <version>1.0.1</version>
  <executions>
   <execution>
    <id>sign-app</id>
    <phase>package</phase>
    <goals>
     <goal>signexe</goal>
    </goals>
   </execution>
  </executions>
  <configuration>
   <alias>YOUR_CERT_ALIAS</alias>
   <file>${project.build.directory}/YOUT_APP.exe</file>
   <keystore>YOUR_CERT_JKS.jks</keystore>
   <storepass>YOUR_CERT_STORE_PASS</storepass>
  </configuration>
 </plugin>
     

  • Uwe Mock

    Uwe Mock - 2018-09-16

    Thanks for the hint. Where would I get a key? Can you point me to a tutorial?

     

    Last edit: Uwe Mock 2018-09-30

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.