Drawpile icon indicating copy to clipboard operation
Drawpile copied to clipboard

Published 20 hours ago verified publisher icon drawpile

Drawpile Client will be detected as Virus by Windows SmartScreen

Open tobimori opened this issue 7 years ago • 11 comments

The Drawpile Client will be detected as Virus using Opera Web Browser, so you can't download it using Opera and you will need another Browser to download it.

tobimori avatar Jan 23 '18 13:01 tobimori

I'm a bit out of the loop when it comes to modern antivirus. Does Opera have a built-in antivirus now, or is it a 3rd party scanner that just integrates with web browsers?

callaa avatar Jan 23 '18 17:01 callaa

It is built-in, as I only use Windows Defender, which shouldn't integrate. The file is also not download-able in Microsoft Edge. The 32-bit Version is fine.

tobimori avatar Jan 25 '18 07:01 tobimori

Hearing this from multiple users that their computer and antiviruses are flagging 2.0.6 and 2.0.7.

tincancrab avatar Jan 26 '18 21:01 tincancrab

Norton flagged 2.0.10, as well as windows defender smart screen.

aurora-dot avatar Mar 18 '18 11:03 aurora-dot

Hmm, I wonder what is causing it. The Windows version is cross-compiled on Linux, so I very much doubt it's actually been infected. (Do viruses still even do that?) Or do antiviruses these days just flag anything that hasn't been digitally signed?

callaa avatar Mar 18 '18 11:03 callaa

@callaa If I recall correctly, it is an unrecognised publisher, or because it is a recently new program. Was there an update near March the 18th? That could be a possibility, as I guess it needs reputation to not be flagged.

Edit: Norton prompt notified it was trusted when I had downloaded it, and no smart screen either. I'm guessing it was flagged because it was a new program, and needs reputation by the antivirus to be trusted.

However, there could be a possibility someone added malicious code to it and recompiled it, so just keep the site secure, and it would only be down to my first conclusion.

aurora-dot avatar Apr 29 '18 18:04 aurora-dot

I have Opera as an installed web browser and I don't get any notifications. Most of this is Windows SmartScreen in my experience. But having a signature perhaps might help mitigate this issue.

Wade821 avatar Nov 29 '19 09:11 Wade821

It's SmartScreen.

tobimori avatar Nov 30 '19 10:11 tobimori

Is this still happening?

notfood avatar Dec 25 '19 18:12 notfood

I know for a fact Windows still labels Drawpile as suspicious due to it being unsigned. You have to click on "More details" to get the option to allow it. Initial popup window has no obvious way to allow it, just a button that says "Close", so it throws off users who don't know there's an allow option behind the "more info" link in the message.

The best fix is to cough up money for a signed certificate from Microsoft.

(The exact naming in this comment may be wrong, but I've experienced this several times and I'm going off of memory)

tincancrab avatar Dec 27 '19 21:12 tincancrab

@tincancrab The original issue was about Opera refusing to download it because it was detected as harmful, not unsigned, with the issue probably SmartScreen or Defender.

tobimori avatar Dec 27 '19 21:12 tobimori

(I've taken over development on Drawpile, so I'm going through these tickets and organizing them.)

Known issue, the solution is to pay Microsoft or the antivirus companies protection money, which is not gonna happen.

askmeaboutlo0m avatar Mar 23 '23 13:03 askmeaboutlo0m