Comments (10)
Is it time to put a note in the readme or releases so people can stop opening these (non-)issues?
from w64devkit.
Unfortunately I don't have time to investigate right now but here's what VT reports : https://www.virustotal.com/gui/file/dce1d71a3629e060e8f84ae7fff7334753eda2f9ced4c5ebc7327b169a5b5359/behavior
IP traffic :
- TCP 204.79.197.203:443
- UDP 192.168.0.48:137
- UDP a83f:8110:4c52:5043:2d61:3633:3264:6639:53
- TCP 23.198.171.50:443
- TCP 20.99.186.246:443
TLS :
- api.msn.com
I find it very strange that a supposedly portable compiler app makes TCP calls. If someone can investigate/explain, that would be great.
It also seems to drop files in the folder : C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0
What does this portable app have to do with the google updater?
It also does other things but I'm no expert in reversing Windows binaries. I don't make accusations, I just am curious. In the end I personally got Visual Studio back since I don't trust this repo yet. Windows Defender removed the executable anyway and flagged some part of it as a worm. I didn't feel like it was worth the risk to whitelist it even though it could be a false positive.
from w64devkit.
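One way to triage the indicator list quoted in the comment above, added here as an example and not part of the thread or of w64devkit: it separates local-network entries from public ones and flags the "IPv6" entry, which lies outside the allocated global unicast range 2000::/3 and whose bytes are mostly printable ASCII. The function names are assumptions of this example, and the result says nothing about which process in the sandbox produced the traffic.

```python
import ipaddress

# Indicators copied from the VirusTotal behaviour list quoted in the comment.
INDICATORS = [
    ("TCP", "204.79.197.203", 443),
    ("UDP", "192.168.0.48", 137),
    ("UDP", "a83f:8110:4c52:5043:2d61:3633:3264:6639", 53),
    ("TCP", "23.198.171.50", 443),
    ("TCP", "20.99.186.246", 443),
]

# The only IPv6 block IANA has allocated for global unicast.
GLOBAL_UNICAST_V6 = ipaddress.ip_network("2000::/3")


def ascii_run(addr):
    """Return the longest run of printable ASCII in the address bytes."""
    best = cur = ""
    for b in addr.packed:
        cur = cur + chr(b) if 0x20 <= b < 0x7F else ""
        if len(cur) > len(best):
            best = cur
    return best


def triage(proto, host, port):
    """Classify one sandbox network indicator (hypothetical helper)."""
    addr = ipaddress.ip_address(host)
    if addr.is_private or addr.is_link_local or addr.is_loopback:
        return "local network"
    if addr.version == 6 and addr not in GLOBAL_UNICAST_V6:
        text = ascii_run(addr)
        if len(text) >= 8:
            # Address bytes that read as text point to a parsing artifact.
            return f"not routable, bytes spell {text!r}"
        return "not routable"
    return "public address, needs attribution to a process"


def report():
    return [(f"{p} {h}:{port}", triage(p, h, port)) for p, h, port in INDICATORS]


if __name__ == "__main__":
    for item, verdict in report():
        print(f"{item:50} {verdict}")
```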
Wow, I just tried my own current exercise in C and...it's a virus too... xD
It's got even more flags (7 AVs flag it as a virus lol). For a custom struct and a bunch of printfs, that's funny.
Thank you for taking the time to clarify and point out that VT is very broken.
In fact I tried the simplest code to open a file in 4 lines.
    #include <stdio.h>  /* fopen */

    int main(int ac, char** av) {
        if (ac >= 2) fopen(av[1], "r");
        return 0;
    }
And guess what, it is also a virus... Damn depressing... I suppose that those AVs detect every program that's "too basic" as a virus, if it doesn't have a certain degree of complexity and conformity, it flags it, probably just in case.
Sorry for being doubtful and suspicious, and thank you again for taking the time to respond!
from w64devkit.
Is that really not an issue? Version 1.23 cannot be used on Windows 11 as the zip file is blocked straight after downloading.
If the main reason behind this project is "Portable C and C++ Development Kit for x64 Windows" well then I see here a big issue.
from w64devkit.
@Megaemce I wish it weren't an issue, but it is out of our hands. There is nothing actionable here.
As for the zip file getting blocked, there is a slightly convoluted process you can use to get windows defender to stop deleting it.
Go on the page for the "threat" itself, and click "actions -> allow"
If you have suggestions for how to get Microsoft to stop false flagging w64devkit, I'd love to hear them. AFAIK, it is impossible.
from w64devkit.
This is an old screenshot from a different obnoxious run-in with windows defender, and it's on windows 10. But I doubt Windows 11 differs by that much here.
from w64devkit.
Thx for the input. Do you have any idea why then version 1.22 causes no Windows Defender alert?
from w64devkit.
@0xRemyRuiz I don't know, but w64devkit.exe itself makes NO tcp calls, at all. Its source is small, you can manually review it yourself
https://github.com/skeeto/w64devkit/blob/master/src/w64devkit.c
Other components of w64devkit (busybox.exe) that w64devkit.exe itself starts might. But that is for some of its applets (like wget), among other things. They aren't split into other executables for size reasons, so it might appear that way.
> It also seems to drop files in the folder : C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0
I don't know what you're talking about, but it sure isn't w64devkit that does that...
from w64devkit.