
Comments (4)

CherryPill commented on June 16, 2024

Now that's a surprise, I really have no concrete explanation for you at this time, but it's definitely a false positive and caused by using some unsafe Win32 API data structures. This problem also seems to affect versions 1.4.x, not 1.3.x.

I can assure you that all the application does with your system is read the WMI tables, save and read hardware data to/from your hard disk, temporarily save the screenshot to your appdata folder and then delete it afterwards, and that's it. The source code is free for you to explore and compile on your own using MSVC.

I'll see what I can do about this problem, but if you're really paranoid about security or have difficulty navigating the source code and identifying security flaws, I suggest you use 1.3.x versions.

from system_info.

shin-illua commented on June 16, 2024

First, sorry for the clickbaity title, I have to do it so that people would be aware of this issue, and I believe that it wouldn't hurt the image of the project at all given the labels added and the fact that I doubt anyone seeing that title wouldn't click and find out more.

Second, I'll try and build the solution on my machine and see if I could produce the same issue on the output binaries, and will also conduct additional analysis to give more insight about this issue.


CherryPill commented on June 16, 2024

Ok, so I build 1.4.2 locally and get at most 4 detection hits.

https://www.virustotal.com/gui/file/98b98d9e0793c21d366f75d3decab6e64bc15b8c147fd9251b05c47c41390cbf/detection

If I rescan the executable from your link I get different hit counts every time, from 16 to 25.

This is all very strange. I guess I'm gonna have to dig through the source code and fire fight parts of the code that could set off the AV.


CherryPill commented on June 16, 2024

So after a few hours of checking source code and messing around with VirusTotal I can say that all of this is caused by the fact that the executable isn't digitally signed, because I started getting hits from VirusTotal on version 1.3.x. I'll see about self-signing the executable, but the certificate is most likely not cheap, so for the time being it's going to be a false positive on VirusTotal and other online AV checking tools.

Have you ever encountered the executable being flagged as a false positive by your local AV software, or is it just VirusTotal?

