VirusTotal - 4 Flags - Githubissues

MaciejGorczyca / ChallengesAreEvil

Remove your challenge tokens from profile banner with 1-click-button solution.

202 stars 12 forks source link

VirusTotal - 4 Flags #8

Closed keydoch closed 1 year ago

keydoch commented 1 year ago

https://www.virustotal.com/gui/file/3f6be6db2b161fbd67d65fba3ed3f801fd1afe9b269f255dfdca82a774a39393/detection

MaciejGorczyca commented 1 year ago

The detected stuff is as generic as it can be and the exe is 100% virus-free unless:

my pc is infected and virus attached itself to created exe
github added the virus itself

I'm 99.99% sure both are not true and the file is clean and safe. If in doubt you can compile and build the executable yourself.

PS. Here are the checksums generated of the original exe file that I uplaoded

File: ChallengesAreEvil.exe CRC-32: e775a0c2 MD4: 2752f088c4562bcf5e8821f5347e1f1b MD5: cbfe389992ee326ab233c9f676869bbb SHA-1: fe9bf219995b057e3e95a536222649dfb395c89e

Ronimsenn commented 1 year ago

Hi, could you recreate the Hashes for the current version 1.1?

Current scan hashes are these:

MD5 9eefe5873cdba1bc4d412247326c0710 SHA-1 8313b541a54f6234b042db5628b9438eebeefb7f SHA-256 741ab39d4489f84a6628a88d260458f1e4be065219bddf9bd60090dcd3e9e652

My browser (Firefox) as well as my current anti-virus program both flag this file as a Trojan. I couldn't find anything suspicious in the SourceCode on your page, however I am also not that good with C# and this type of pogramming.

Ronimsenn commented 1 year ago

Latest VirusTotal scan: https://www.virustotal.com/gui/file/741ab39d4489f84a6628a88d260458f1e4be065219bddf9bd60090dcd3e9e652

MaciejGorczyca commented 1 year ago

could you recreate the Hashes for the current version 1.1?

@Ronimjan This is the output:

File: ChallengesAreEvil.exe CRC-32: 2f83fea8 MD4: a4a577b0d8c1ec52032478134062a023 MD5: 9eefe5873cdba1bc4d412247326c0710 SHA-1: 8313b541a54f6234b042db5628b9438eebeefb7f

The hashes seems to match. The detected threats seems to be generic, which means it most likely is false positive (which it truly is in this case). I recommend compiling from source if there any doubts. I have no idea why it marks the exe as malicious and honestly I don't really want to dig down.

Alternatively I also recommend doing step-by-step tokens removal by following these instructions: https://www.reddit.com/r/leagueoflegends/comments/w91xqk/patch_1214_bug_megathread/iip126n/

This app does all of it but in just one click.