Malware report #43
Comments
|
Appreciate a fast reply and linking to an existing issue, but it won't solve your problem if your whole repo gets flagged for spreading malware. You need to do something to the executable - sign it, use less packers/obfuscators or change their settings so that file AV signature changes etc. Uploading to VirusTotal is easy and free. Regards |
|
@apcsb It's not about compiler/packager/obfuscator, it's about the code that uses some p/invoke stuff to fix Windows Forms bugs. I've tried various things to improve the situation, like reporting false-positive to 20+ AV providers, changing the code, etc. None of them worked for the long term. Singing executable requires 200$ or more per year or so. |
Hi,
I have downloaded the EXE (v 0.10.2.0) today.
Microsoft Defender blocks it stating that it has
Trojan:Win32/Powbr.A!MTB
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Trojan%3aWin32%2fPowbr.A!MTB&threatid=2147731258
VirusTotal shows 3 warnings: https://www.virustotal.com/gui/file/76f313fe24cf113e8f8d03e6892f6769ef240d9b8a3e8a9e09b0572d3783be5b
Given that there is no source code, you may want to do something before it gets reported and your repo gets torn down completely for spreading malware (not specifically blaming you w/o proof, but this is how it looks like).
Best Regards.
The text was updated successfully, but these errors were encountered: