Closed compieter-gh closed 2 months ago
I just downloaded v6.5 and this version is flagged by Windows Defender. Knowing this is a false positive, I am still reporting this as a bug.
Edit: After unpacking the archive and scanning MPOGPUFIX.exe, it isn't being flagged, so it's just the archive.
Going by the definition of the malware, it's simply a low-scored process trust within a pack.
If I had money to sign the processes with an actual signature it would be all good 👌
I just ran it through the VirusTotal site and 5 out of 74 flagged the exe as a Trojan. Same as the original commenter.
Edit: Here's the link to the VirusTotal scan - https://www.virustotal.com/gui/file/c2f1d6c1c479c822e6d2be66c4b61ce86f9f5698184598087333560a364c2d8e/details
Not sure if it's possible to alert them to the false positive.
I have the same issue with ESET Internet Security. From the log:
Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
23/07/2024 20:00:31;HTTP filter;file;https://objects.githubusercontent.com/github-production-release-asset-2e65be/578775112/5c74dd15-78ef-4666-b48e-e0c0c29cdd06?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction/20240723/us-east-1/s3/aws4_request&X-Amz-Date=20240723T180030Z&X-Amz-Expires=300&X-Amz-Signature=51ed9b1b4944dea12b99a953c1deaaa39a41b03fed88feb4e97536c00de2a925&X-Amz-SignedHeaders=host&actor_id=155253562&key_id=0&repo_id=578775112&response-content-disposition=attachment; filename=MPOGPUFIX.zip&response-content-type=application/octet-stream;a variant of Generik.BLDJICO trojan;connection terminated;STEFAN-PC\Stefan 2;Event occurred during an attempt to access the web by the application: C:\Program Files\Mozilla Firefox\firefox.exe (0E12C4DDBC34036D13EDFE72BB4890BE106D3A4C).;837F75261C10B4BE381F564CA68F5EC6A73B2A5F;
Got flagged by ESET for having the ability to open a URL from the app.
Nothing I can do for that.
And as for everyone else, I can't do anything about the false positives other than trying to sign the exe using ClickOnce.
Released 6.6 to see if it's still being detected as a false positive. Any feedback would be really appreciated <3
Works fine here!
Thanks for confirming!