search

Open-Shell / Open-Shell-Menu

Classic Shell Reborn.
MIT License
6.98k stars 433 forks source link

Virus, Trojan Malware and more things #1692

Closed kadel1 closed 1 year ago

kadel1 commented 1 year ago

Describe the bug

Hello, I don't know if you noticed but when passing the file through the virustotal website it shows alarming results... I'm new to using the application but I don't think this is normal.

I attach capture and links, anyway you can check it yourself by uploading the file to be controlled by the web...

https://www.virustotal.com/gui/file/9e9c32badb52444ca8a8726aef7c220ff48de8c7916cdfdca4dff6e009ac1f0c

image

Area of issue

Windows Explorer, Installation/Other

To reproduce

Hello, I don't know if you noticed but when passing the file through the virustotal website it shows alarming results... I'm new to using the application but I don't think this is normal.

Expected behavior

Virus

Open-Shell version

4.4.191

Windows version

Windows 10

Additional context

No response

ge0rdi commented 1 year ago

Hello.

This is just a false-positive.

I'm new to using the application but I don't think this is normal.

Unfortunately it is :( You can just search issues (closed too) for VirusTotal and you will see it for yourself. With every new release it is falsely detected by those obscure AVs.

And it is not related to just Open-Shell. Bunch of other open source projects is facing the same issue.

The problem is that these days AVs tend to just block unknown new files without any real basis. Unless the file is signed, it is treat as malicious.

Open-Shell is maintained by volunteers in their free time. We don't have means to spend on signing certificates and maintaining the signing infrastructure.

Though, whole project is open source and anyone can review every part of it (from source, through building process and resulting binaries). If there is anything malicious, we'd gladly have a look and fix it.

So far nobody was able to provide even a hint of any malicious behavior anywhere in our project. Thus it is just natural to assume there is no such thing present.

If you are worried about those detections, you can contact VirusTotal and/or those security vendors that detect those files. And ask them what exactly is malicious in them.

I'm sorry, but there is not much we can do about it.