search

jlaasonen / hexfile

Simple command-line tool to print a hex dump of a file
https://jlaasonen.me/software/hexfile
MIT License
5 stars 0 forks source link

Download issue with zip file #2

Closed ghost closed 2 years ago

ghost commented 2 years ago

Hi there, I am interested to test hexfile.exe, so I try to download hexfile-v1.1.0-win32.zip , but on my Windows 11 x64 (Version 10.0.22000.675) with Windows Defender turned on, it reported "Failed - Virus detected" after I insisted to proceed.

download

hexfile-v1.1.0-win64.zip, fortunately, is OK.

jlaasonen commented 2 years ago

I scanned the files with Windows Defender on Windows 10 and 11. No viruses were detected, but I removed the 32bit download just in case. I will prepare a new file later.

jlaasonen commented 2 years ago

I have uploaded a new version of hexfile-v1.1.0-win32.zip. It is built on a different computer and according to Windows Defender it should be clean.

ghost commented 2 years ago

I have uploaded a new version of hexfile-v1.1.0-win32.zip. It is built on a different computer and according to Windows Defender it should be clean.

Thanks for the nice effort! Unfortunately, I was not able to download it due to the same warning: Trojan

I believe this is false positive, and you should submit the file to Microsoft for malware analysis, so that they could whitelist your hexfile-v1.1.0-win32.zip. https://www.microsoft.com/en-us/wdsi/filesubmission

If you search online, there are a few similar cases. I removed the Detection History but problem persists.

Below are system information about Windows Defender on my PC:

Antimalware Client Version: 4.18.2205.7
Engine Version: 1.1.19300.2
Antivirus Version: 1.369.516.0
Antispyware Version: 1.369.516.0
ghost commented 2 years ago

No worries. Users can download FBC and compile on their own. I managed to use FBC32 and FBC64 to compile hexfile.bas successfully without triggering AV.

         49,664 hexfile.exe (Compiled with FBC32)
         55,808 hexfile.exe (Compiled with FBC64)
jlaasonen commented 2 years ago

I tested a bit with VirusTotal and the false positives appear to be somewhat dependent on the used compiler flags. I was not able to make all the scanners pass, but using -e made Microsoft's scanner pass.

-e should be used anyways as there is currently no error handling in the code and it makes the program exit instead of displaying junk. I updated the compile command in the readme and should implement proper error handling in the next version.

ghost commented 2 years ago

No more issues found. Great!

hexfile