1

I made a custom Java GUI application to help some of my students perform matrix calculus (name: BCS). To have a custom icon and to minimize problems with their lack of experience with jar files, I created an exe that simply runs a bat file that opens my app (java -jar BCS.jar). Also, to minimize problems with external libraries and their path, I created a custom installer with Inno Setup. All of this worked fine on my PC, but when I tried on my lab's computer, windows defender detects a virus (?) and deletes the exe inside the created directory and its desktop shortcut.

I tried to add a piece of instruction on Inno Setup that runs a powershell script, adding a windows defender exclusion for the BCS directory.

INSIDE INNO SETUP

[Run]
Filename: "powershell.exe"; \
      Parameters: "-ExecutionPolicy Bypass -File ""{app}\setup.ps1"""; \
      WorkingDir: {app}; Flags: runhidden

SETUP.PS1

$scriptPath = split-path -parent $MyInvocation.MyCommand.Definition
Add-MpPreference -ExclusionPath $scriptPath
Add-MpPreference -ExclusionProcess "BCS.exe"

Doing this, the exclusion is successfully added. But after the install on my lab's computer, windows defender still detect a virus on the desktop shortcut. The exe inside BCS directory was untouched, but its shortcut was again deleted. How can I get rid of the windows defender warnings for my application, without disabling it? I suppose that if I add another exclusion to the desktop shortcut, it will be ok. But if the user wants to put the shortcut somewhere else? Any help will be appreciated. Sorry if my English is bad, it is not my first language.

Andrew Truckle
  • 17,769
  • 16
  • 66
  • 164
veiocadan
  • 33
  • 4
  • Make sure there isn't a virus in your system piggybacking on the install package. Use another a scanner just in case. Then, [submit your application](https://www.microsoft.com/en-us/wdsi/filesubmission) to Microsoft for analysis as a false positive. – vonPryz May 31 '21 at 18:00
  • 1
    Is your installer signed? It's a must these days. See [Microsoft SmartScreen - suspended using Inno Setup installer?](https://stackoverflow.com/q/29067877/850848). – Martin Prikryl May 31 '21 at 18:43
  • Does Defender output or log any more information about what it detected? – StayOnTarget Jun 01 '21 at 12:01
  • @StayOnTarget, I will write links to similar (same code) errors, because I don't know how to put images here in the comments. Before adding the exclusion, this kind of error dialog pops up. https://i.imgur.com/eb1tH6Y.png After I added the exclusion, tha former error doesn't pop up, but windows defender still detects an virus (middle warning). https://ugetfix.com/wp-content/uploads/articles/askit/windows-defender-repeated-pup-detection_en.jpg – veiocadan Jun 01 '21 at 12:50
  • You can actually EDIT the question itself, and you can paste images right into the text there. – StayOnTarget Jun 01 '21 at 12:50
  • Sorry, I'm new on Stackoverflow. Hahaha – veiocadan Jun 01 '21 at 12:51
  • @vonPryz, I scanned my application, my created exe and the installer with Kaspersky, and nothing was detected. I will try to do that. – veiocadan Jun 01 '21 at 12:53
  • @MartinPrikryl no, it is not signed. I will look for how to do it. – veiocadan Jun 01 '21 at 12:53

0 Answers0