Custom win32 appliciation to integrate with SciTE

[chris.d...@gmail.com]

Hello,

I've written a small win32 application to quickly find files in a workspace. I would like to use it with SciTE. 

The problem is whenever I try to download it to my other computer, the AV puts it in quarantine and afterwards it is deleted.

I've read some things about signing executables, but this seems to expensive for a personal project.

How does SciTE handle this issue? Is SciTE also signed?

Thanks for the info

[Neil Hodgson]

chris.d:

> I've read some things about signing executables, but this seems to expensive for a personal project.
>
> How does SciTE handle this issue? Is SciTE also signed?

SciTE for Windows is not currently signed although it is something I’ve been meaning to work on for years now.

Its possible that AVs have some sort of reputation system where checksums of widely used apps are included in their allow-lists.

Neil

[Giuseppe Corbelli]

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview

In particular

"""
Microsoft Defender SmartScreen determines whether a downloaded app or
app installer is potentially malicious by:

Checking downloaded files against a list of reported malicious
software sites and programs known to be unsafe. If it finds a match,
Microsoft Defender SmartScreen shows a warning to let the user know that
the site might be malicious.

Checking downloaded files against a list of files that are well
known and downloaded by many Windows users. If the file isn't on that
list, Microsoft Defender SmartScreen shows a warning, advising caution.
"""

Seems to me that signing the executable might not be enough.

You may also submit files that have been wrongly detected as threats
here [1] but this is related to ms only, not av companies.

1:
https://docs.microsoft.com/en-us/microsoft-365/security/intelligence/submission-guide?view=o365-worldwide
--
Giuseppe Corbelli