Hi,
I came across the bug below. What triggered me from the comments
on Bug 509799 is, that the 'eclipse.exe' is apparently signed as
part of the EPP build. As we are pushing Eclipse-Installer now,
many installations contain a 'eclipse.exe' that is not signed.
So maybe the problem is not how to let Microsoft trust the
Eclipse Signature, but more how to ensure that the
'eclipse.exe' is signed on all installations.
Bug 539954
- eclipse installer "SimRel
2018‑09" from ibm cloud is reported as virus infected
Bug 509799
- Symantec reports a Trojan
SONAR.AM.C!g24 in eclipse
Bug 485899
- upgrading eclipse causes
anti-virus to alert
Rolf
Op 6/17/2019 om 8:35 PM schreef Tim
Webb:
Unfortunately a no-go. Gave it a try and despite
taking 1.5 minutes to run the command line, it still took the
full first scan after running the exe that had already been
scanned.
It seems we'd need some guidance from Microsoft in how to
get some/all of Eclipse whitelisted in their Security
Intelligence. Perhaps at least major releases can have their
Jars registered...
C:\Users\tim>"%programfiles%\Windows
Defender\mpcmdrun" -AddDynamicSignature ...
You need administrator privilege to execute this command.
Perhaps there is a way we can register the signature and
have the Eclipse Installer ask the user for permissions to
invoke registering the Eclipse Signature as an approved
certificate?
Tim
Can
you make one of the affected persons try running this before
they
start eclipse?
"%programfiles%\Windows Defender\mpcmdrun" -scan -file
"full_path_to_eclipse_installation"
If that helps, we could potentially add this to the installer
(but not
the ZIPs, of course), in the hope Defender afterwards
remembers it
already scanned the installation. However, I have no
experience with the
above, I just googled around for cmd line interaction with
defender.
There are also more options (like different scan types), not
sure if
that makes an additional difference.
Another potential issue to check: Windows marks downloaded
files
automatically as "unsafe". See
https://www.howtogeek.com/70012/what-causes-the-file-downloaded-from-the-internet-warning-and-how-can-i-easily-remove-it/
for an instruction of how to remove that marker from many
files. I'm not
sure if this really has any relation with Windows defender
scans, I
think it only triggers the "Do you really want to..." popup.
That all being said, at our company we have given up to find
something
better than filters as workaround. With TrendMicro Antivirus
on access
scanning being active, every git operation inside eclipse is
about 10
times slower than with eclipse filtered from the scan.
Ciao, Michael
_______________________________________________
platform-dev mailing list
platform-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or
unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/platform-dev
--
Cheers,
Tim
Timothy R. Webb
Vice President, Operations
_______________________________________________
platform-dev mailing list
platform-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/platform-dev
|