skeeto / w64devkit

Portable C and C++ Development Kit for x64 (and x86) Windows
The Unlicense
2.99k stars 210 forks

w64devkit-1.23.0.zip: 12 virus scanners at virustotal flag it #133

Closed tmssngr closed 1 month ago

tmssngr commented 4 months ago

https://www.virustotal.com/gui/file/5c7dce6762be3e0dba648a9317790444c0e2f1ef3e677315c115727d7a549539

skeeto commented 4 months ago

All false positives, though fortunately this particular listing doesn't include any trustworthy security software. The driver of these results appears to be debugbreak.exe (#132) and pkg-config.exe (both written by yours truly). Neither program changed in this release, so some incidental way that GCC 14 generates code matches entries across multiple databases, amplified by these EXEs being unusually lean.

Unfortunately there's nothing I can do about this. I've made everything about my builds as transparent as possible so that anyone can check and reproduce my work.

davidstrahm commented 4 months ago

Hi, I installed the latest binaries last Thursday on my Windows machine. Yesterday, suddenly my mouse started moving by itself and windows opened everywhere and stuff started installing.

After rebooting, Windows Defender isolated debugbreak.exe: [image]

Peter0x44 commented 4 months ago

"This program is dangerous and self-propagates over a network connection" Utter nonsense. This is total worthless fearmongering and truly unacceptable.

davidstrahm commented 4 months ago

What do you mean? I am posting what happened, in an attempt to let the developer know there may be a problem. How is this "fearmongering and truly unacceptable"?

tmssngr commented 4 months ago

What was surprising to me was that downloading w64devkit-1.23.0.zip and uploading it to virustotal.com resulted in the above virus detection, but when I told virustotal.com to verify the download URL https://github.com/skeeto/w64devkit/releases/download/v1.23.0/w64devkit-1.23.0.zip it did not show any threat: https://www.virustotal.com/gui/url/8bd03334f21f5f49af6b6f8e53075afbcaccee94cd225ee7968903aadfcee892

edispring commented 4 months ago

When downloading the zip and running /bin/debugbreak.exe through virustotal by itself, the result is quite bad: [image]

Peter0x44 commented 4 months ago

@davidstrahm I was referring to the nonsense message Windows Defender invents. It was not personal to you.

Either way - there is nothing any of us can do. debugbreak.exe is not malware. This message is a false positive. There is no problem.

PNBRQK commented 4 months ago

From the description of debugbreak.exe it is not an indispensable component. Simply delete it on suspicion.

MagicalDrizzle commented 4 months ago

I have to say Windows Defender loves tripping on w64devkit binaries - make, debugbreak, etc.

luc0x61 commented 3 months ago

@MagicalDrizzle same here, as it was already with AVG antivirus (still I haven't tried it lately)

jburn20 commented 3 months ago

Hi - any idea why debugbreak.exe is getting flagged as malware?

Peter0x44 commented 3 months ago

@jburn20 Go ask Microsoft. We aren't antivirus developers, there is nothing we can do. This is not an issue.

jburn20 commented 3 months ago

I understand that. I was just asking for any clarification on what the root cause might've been.

Thanks.

skeeto commented 1 month ago

False positive, see #79.