
x86ipc.exe flagged as virus + general question about registry key edits #30

Open
ConradSelig opened this issue Sep 21, 2021 · 2 comments

Comments

@ConradSelig

First off - I really like the look of this program you've written. It looks clean and useful, a solid implementation of many of the i3wm ideals.

However, I can't help but run these types of programs through a service as simple to use as VirusTotal.com, and the x86ipc.exe included in your .zip was flagged by 12/67 security vendors.

My number one concern is the vast number of registry edits this script is making. You can see the full report here. Now I'm not actually throwing any accusations around, I honestly believe you have the best intentions, but that doesn't change the fact that I still want some answers.

I've taken a quick look through the "x86ipc" folder at the code in hopes of spotting a smoking gun; unfortunately for me, my experience with C is rather limited and nothing in here jumps out at me as being concerning.

Can you shed some light as to what bit of code is running that is making these registry edits/getting flagged by anti-malware suites? Any insights would be much appreciated, as I would love to put my mind at ease and use this sweet tool outside of an almost empty virtual machine.

Thanks!

@McYoloSwagHam
Owner

Hi, thanks for voicing your concerns.

This project is open source, so if you have any concerns you can check the code out as you feel.
On the documentation site I do put a reason as to why win3wm might anger AVs: it does inject ForceResize.dll into every process in order to have better control of windows (resizing specifically).

There are no registry operations in the code; as for why VirusTotal finds some, I am not sure. I would suspect that the VT sandbox runs are not clean or are not fully filtered? Regardless, running on Hybrid Analysis nets a clean run.
https://hybrid-analysis.com/sample/a489fc20e72b42595604bc1871e3ccc359af0340144ba4e921be9ea66d2be045

Also, running the latest binary from the GitHub Actions only flags 4/67 engines.
https://www.virustotal.com/gui/file/a489fc20e72b42595604bc1871e3ccc359af0340144ba4e921be9ea66d2be045/detection

@techie2000

FYI, downloading in Firefox flags it too once the d/l is complete.
