Coder Social home page Coder Social logo

Comments (14)

elamast avatar elamast commented on July 24, 2024 1

from usbip-win.

cezanne avatar cezanne commented on July 24, 2024 1

We are speaking about last published binaries, right?

@mahmoudajawad : Yes. https://github.com/cezanne/usbip-win/releases/download/v0.0.9/usbip.exe

This is virus total result for usbip.exe as @elamast suggested.

from usbip-win.

cezuni avatar cezuni commented on July 24, 2024

@elamast : Thanks!
VirusTotal reports that all exe binaries in 0.0.5 and 0.0.3 have been infected. I'll check my windows dev box.

from usbip-win.

cezuni avatar cezuni commented on July 24, 2024

@elamast : Executable built by VS is often incorrectly detected as virus. I had found some stackoverflow links. Is this our case?

from usbip-win.

cezuni avatar cezuni commented on July 24, 2024

@elamast : I checked that recent release binaries(v0.0.6) are clean. As all usbip-win release binaries have been built in the same machine, my machine seems to be not infected with some viruses. As commented previously, I suspect that virus alert was caused by an invalid virus detection logic.

from usbip-win.

cezuni avatar cezuni commented on July 24, 2024

@elmast: I'll close it. Please reopen if you want.

from usbip-win.

mahmoudajawad avatar mahmoudajawad commented on July 24, 2024

@cezuni, the last published binaries are reported as infected with a trojan:
Trojan:Win32/Wacatac.D!ml

from usbip-win.

cezanne avatar cezanne commented on July 24, 2024

@mahmoudajawad :

the last published binaries are reported as infected with a trojan:
Trojan:Win32/Wacatac.D!ml

Which file? Binaries in v0.0.9 are checked as no problem from the upper web site.

from usbip-win.

mahmoudajawad avatar mahmoudajawad commented on July 24, 2024

Here's the report from Windows Defender:
image

It's wortth noting that Edge (chromium) refused to download the files initially as they were reported suspicious by SmartScreen. But, I ignored at forced downloaded the files. However, Windows Defender instantly removed them from my Downloads folder.

from usbip-win.

cezanne avatar cezanne commented on July 24, 2024

@mahmoudajawad : weird.. I have checked a downloaded usbip.exe with a recent virus checker but there's no virus reported.

from usbip-win.

mahmoudajawad avatar mahmoudajawad commented on July 24, 2024

We are speaking about last published binaries, right?

from usbip-win.

mahmoudajawad avatar mahmoudajawad commented on July 24, 2024

No. As I mentioned, it was deleted by Windows Defender automatically without even me scanning the files manually.

from usbip-win.

mahmoudajawad avatar mahmoudajawad commented on July 24, 2024

Hmm. This must've been some false positive. I just tried downloading the files again using Firefox this time and things went fine. It's not clear to me at all why Windows Defender decided the files were infected with some trojan first time. Thanks for your time on this, @cezanne

from usbip-win.

Jackfritt avatar Jackfritt commented on July 24, 2024

Latest Release usbip-win-0.3.6-dev.zip also get reported by virustotal.
I think its a false positive. What do you think?

https://www.virustotal.com/gui/file/489daccb3ddffb1ec83ab6e0a4f56a8b13a9af34ca4f9bf445357053aad46dc2

https://www.virustotal.com/gui/file/5a57753f17bfc6436708fbaac22b1e324f178b25b505111819989eefe936d281/behavior
1 match for rule Failed Code Integrity Checks by Thomas Patzke from Sigma Integrated
1 match for rule Use Remove-Item to Delete File by frack113 from Sigma Integrated Rule

https://www.virustotal.com/gui/file/8d0fd393dc9e8aaa1722c51190ebb872089867b0c34aa6b86dfcc69af87f153a/details
A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

from usbip-win.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.