VirusTotal false positive? #46
Comments
As expressed in #44, the answer remains the same: these are all false positives by the malware scanner, and for skeptical folks I would suggest building from source.
UPDATE (v2.6.8): This false positive is caused because PyInstaller is used by many bad actors to supply malware. The fix I used is to compile the bootloader myself. Even though it does reduce the false positive detections from 14 to 4, it doesn't completely remove them, hence the new VirusTotal report. The only permanent fix is to digitally sign the app, but it requires a paid license.
check out laragon - not sure if you can sign with your own signature but it does have the capability built in to the services it comes with - i'm not a dev so i am not sure how all that works. but i have also seen software for windows for signing and distributing and it was meant to be a free tool as well as open source. it was several years ago but i will see if i can find it.
isn't laragon for web apps? can you build python apps, more specifically pyqt apps, with it? btw if you do find something that can digitally sign the app please do tell me, thanks!
I forgot the app name but there is an app that signed their app signature locally, to bypass the expensive signing cert.
hey, yes what i was thinking of was a desktop software, if i remember right, it may have been by the same dev that makes BCUninstaller (BullCrapUninstaller), actually now that I mention that, this does sound about right. i have it on my other laptop. i've been too anxious to turn it on for almost two years now because of some unexplainable issues it is having. ...but i guess i should turn it on and find that software. if you know anything about why a windows 10 laptop would be writing what, at first glance, duplicate files and directories to somewhere on the hard drive. but it was doing it so fast, the laptop i had for 4 years without using 50% of the terabyte drive had only about 10% left after a single weekend. and i only noticed it by chance. otherwise it would've been full. tried restarting, obviously, i thought it was something to do with sandboxie but after logging in, the black screen after sign in immediately before desktop finally loads and becomes visible, instead stays black and explorer never starts - but if i launch it through other programs which i must use shortcuts/hotkeys to do, the file manager still open for file open/save dialogs, etc, but still no explorer, start bar, etc... so i just had to turn it off. but i will boot it and find that software tonight. by the way, what are you working on with pyqt? i am torn between building the app i'm working on with something like NodeGraphQT, Ryven, Pyflow or something similar but i just can't really code. i made a sniper bot that runs on python though. on like 9 chains i think. now i am trying to build a visual editor to use for creating auto trading strategies on a node graph interface. those were the python libraries/projects i was interested in. but all of them so far, are incomplete and devs have seemed to abandon them.
the javascript node graph platforms i'm considering are either complete with extensive docs and full API reference, etc and one most likely won't even need anymore updates because it was built that well. it's just all so far over my head trying to do things like build custom web3 nodes with no documentation. so right now i'm almost done rescuing eth.build which is also sadly abandoned. and yes, laragon can be configured to run just about whatever, i wish i COULD code because of software i stumble upon like this. i think most people are under the impression that it's more for web apps or guys who host their own stuff using PHP but i think it's just because that's really the only circle of devs it is known within by more than just a few people and for that reason people in other domains just never take a deeper look. i am under the impression it can be extended to do whatever. i use it as a sandbox and for environment/dependency isolation on a laptop that doesn't have WSL so no containers... and any development related tasks or software it is basically my dev mode launcher but, you can use it for nodejs projects, it comes with python, node, its own vs code (which all run and much faster than system/user installed versions because not using windows services but laragon's). you can set it to launch vs code from whatever URL pointing to a .zip file you want really. build and launch packages/projects/repos by selecting them from its main toolbar and it lets you set your own custom url, for instance, for quickly sharing or showcasing a prototype but with something cooler than a localhost and port # address hah. i'm rambling. let me find that software though.
laragon seems nice but it can't digitally sign for free right 🥲, and if you do find the software tell me. and regarding your pc idk, i have never heard of such a scenario, maybe some malware infected ur pc or idk maybe some win update busted it up. if you really want to fix it my opinion is to boot up linux using a thumb drive, copy important data, then format ur pc, that is if you are not using BitLocker; if you are then your options are limited. and currently i am not working on any pyqt apps, i am currently rewriting this app to a winui app, you can learn more about it from here (#60, #68), and if you want to build using pyqt here is a great repo for pyqt ui widget
i will check these repos out, btw if you do remember the app name it would be a great help that would reduce my research time
yea, i haven't found it yet and have been too busy to start with my other laptop because it will need to have very tedious even in safe mode. i just downloaded last of recovery tools i needed though. in the meantime, i stumbled on this completely randomly about an hour ago, which is weird - because, i haven't read all of this but it may be another option than the software i have. i am not sure if it could be used for python too? i suppose once it's already in an executable format it wouldn't matter...
from JSign:
Why don't you use cert one already in Windows? Though, I'm sure you would eventually or even now would want your own... If you see in the picture in the bottom right > Microsoft states that it can verify the publisher, which is you. Microsoft is only the issuer. I don't recall at the moment how or why I had this one which is now expired. But you should be able to at least try with powershell ^6. Copy one of the certs from certmgr.msc with 'code signing' as intended purpose to your personal > certificates store and see if it's possible...
hey i was kinda busy so didn't get time to check, but how does this work? don't i need a valid certificate for this? where can i get it?
hey, it's called Application Verifier, if I'm looking at the right one but I will look on external drive too. sorry, I don't know where to see notifications for this and only know how to get here via searching for the email from GitHub about last reply...
I might be useless, because IDK the apksigner and reproducible build guide equivalent in python. Use a signed Sha cert or something like apksigner like from this AppVerifier Readme.md (IK this from Obtainium readme.md) Reproducible build is indeed hard in python, I just found out there's even a subreddit for RP, it is possible by F-Droid and accrescent with varied mix of RP vs app store signed cert only, which is not ideal yet. (Sorry for the rough draft, I'm currently on mobile and am not at home) Adhjie/Adhjie-Discussion#4 (my exposition on hypatia, virustotal, or other aspect) Forgot to mention VirusTotal integration, check the link, Autoruns by sysinternals dev and AppManager by MuntashirAkon has built-in VirusTotal. https://news.ycombinator.com/item?id=36349478 https://gitlab.com/obfusk/fdroid-misc-scripts/-/blob/master/reproducible/2023-10-01-all.md https://discuss.grapheneos.org/d/14452-how-to-explain-why-accrescent-over-f-droid/31 https://www.google.com/search?q=accrescent%20reproducible%20build&ie=utf-8&client=firefox-b-m https://accrescent.app/faq#verifying1. It can also be found on a Bluesky post to distrust the website. It is encouraged to verify it's the same with other people as well for assurance. DO NOT use AppVerifier to verify itself! https://github.com/soupslurpr/AppVerifier AppVerifier - App verification tool (recommended, integrates with Obtainium) https://developer.android.com/tools/apksigner Alternative.to is for alternative but by specifying the OS selection, I think equivalent or counterpart between programming languages app could be searched. Oh yeah, msys2 pacman also needs the msys2 cert by exporting it to msys2 from browser security page with the lock in Firefox, it's along with tracking protection icon. (No auto currently last time I used it, not sure if this is just import export or count as self signed) Edit 2: Tl;dr.
are you talking about this Microsoft Application Verifier? this seems to be a tool for finding security flaws, is it possible to sign with it?
Can you elaborate on this? i have never heard of such, if possible, can you provide steps on how i can do this? it's my first time signing an app, all i heard is you need to pay so i am a total noob. @edgeofinnerspace btw i too only get notification when i check my mail, the GitHub mobile app doesn't give notification for some reason, at least for me
thanks for the information, i will check them out
Oh yeah, IK there's mono for android implementation of .NET of windows from ExifEraser and move to the active ExifToolGUI. not sure if it's possible for the reverse, I guess, I'll stop here since I don't think searching counterpart is easy. SD Maid SE and Czkawka have rewritten their apps but IDK how they handle signing certificate. A lot of devs are actually affected by AVs, even MS Defender, especially small devs that have no power against big AV companies.
is this the kind of thing you're missing? also, i attached an empty file named test.exe in the zip. do you have a way to see if it's signed? i attempted it...
perhaps i used the wrong key type though
https://www.virustotal.com/gui/file/68f12f2d3822db3aa1def8e62bcdba64194573f8921b13d08d696b4070794227/detection/f-68f12f2d3822db3aa1def8e62bcdba64194573f8921b13d08d696b4070794227-1700428804
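
On the question asked in the thread of how to see whether an .exe is signed: the sketch below is an added example, not code from this project or from any commenter. It reads the PE header and reports whether an Authenticode certificate table is present; the names `authenticode_status` and `build_sample_pe` are hypothetical and the sample bytes are constructed for the demo.

```python
import struct

CERT_DIR_INDEX = 4                       # IMAGE_DIRECTORY_ENTRY_SECURITY
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # Authenticode uses PKCS#7 SignedData

def authenticode_status(data: bytes) -> str:
    """Hypothetical helper: not-pe / unsigned / signature-present / malformed."""
    if len(data) < 64 or data[:2] != b"MZ":
        return "not-pe"                  # e.g. an empty file renamed to test.exe
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        return "not-pe"
    opt = pe_off + 24                    # optional header follows the 20-byte COFF header
    if len(data) < opt + 2:
        return "malformed"
    (magic,) = struct.unpack_from("<H", data, opt)
    dirs = opt + {0x10B: 96, 0x20B: 112}.get(magic, 0)   # PE32 / PE32+
    if dirs == opt or len(data) < dirs:
        return "malformed"
    (count,) = struct.unpack_from("<I", data, dirs - 4)  # NumberOfRvaAndSizes
    entry = dirs + 8 * CERT_DIR_INDEX
    if count <= CERT_DIR_INDEX or len(data) < entry + 8:
        return "unsigned"
    offset, size = struct.unpack_from("<II", data, entry)  # a file offset, not an RVA
    if offset == 0 or size == 0:
        return "unsigned"
    if size < 8 or offset + size > len(data):
        return "malformed"
    length, _revision, cert_type = struct.unpack_from("<IHH", data, offset)
    if cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA or not 8 <= length <= size:
        return "malformed"
    return "signature-present"           # presence only; validity and trust are not checked

def build_sample_pe(signed: bool) -> bytes:
    """Constructed minimal PE32+ header; the 'certificate' is placeholder bytes."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<I", opt, 108, 16)
    cert = b""
    if signed:
        cert = struct.pack("<IHH", 16, 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + b"\0" * 8
        struct.pack_into("<II", opt, 112 + 8 * CERT_DIR_INDEX, 64 + 4 + 20 + 240, 16)
    return dos + b"PE\0\0" + coff + bytes(opt) + cert

if __name__ == "__main__":
    samples = [("empty", b""), ("unsigned", build_sample_pe(False)), ("signed", build_sample_pe(True))]
    for name, blob in samples:
        print(name, authenticode_status(blob))
```

A `signature-present` result only says the certificate table exists; on Windows, `Get-AuthenticodeSignature` or `signtool verify /pa` checks whether the signature is valid and chains to a trusted root.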