Reported as "virus"

[trueliarx]

Hello,
I've downloaded the portable version but it is notified as a "virus".

Simple Video Cutter.exe
https://www.virustotal.com/gui/file/6fc975e2603a68db449ac6f112f4352b096cc3f72466053d8c80c870edb69714

SimpleVideoCutterApp-win-Portable.zip
https://www.virustotal.com/gui/file/abb7f568962e899e65e96ff6034471b271c9e2cd5a170d41f933fb4fe2ebe416

[GetFunctional]

Yeah same here. Fix would be really appreciated as the app get's deleted automatically by windows.

[bartekmotyl]

Unfortunately I cannot help here. If you downloaded the portable installer from GitHub, then it is was built (by me) from the sources that are in this GitHub repository, using Velopack . Indeed, apps built with Velopack sometimes are recognized as viruses by different AntiVirus software but there is no way to fix this. These are just false-positives. So you can either make an exception in your anti virus program, or try building the app yourself from the sources (Visual Studio, required for building the app, can be downloaded for free).

In you mean the Windows Defender (SmartScreen) then here the problem is a bit different. If an installation file is not signed with a proper certificate (which is paid only, and I do not have any) Microsoft Window considers such a file to be "dangerous" and by default blocks access to the file. There is a way to bypass this block though - see more info here.
Once several people install the app and Windows detects it does not pose any risk, then its reputation increases and Windows does not block it for other users.

[Anjoland]

I also received a virus warning when I scanned the file. Said it was win32/phonzy.a A info stealer. This will steal your browsing history and such, so any logged in sessions like google, they will have that signed in session and can wreck havoc
I dont know what you mean you cannot help. Dont you vet the code you use? Especially if its on github its not like you cant go through that source code correct?.

[bartekmotyl]

I dont know what you mean you cannot help. Dont you vet the code you use?

The executable file you download (providing you download it from this GitHub page) is compiled from the sources in this repo (free of viruses) and packaged&published using Velopack library, which is also open source (and I believe is free fo viruses as well).
It does not contain any viruses.

Antivirus software sometimes report false positives, see for example these articles:

• https://support.avira.com/hc/en-us/articles/360002183358-What-is-a-false-positive-Avira-Antivirus-detection
• https://encyclopedia.kaspersky.com/glossary/false-positive/
• https://www.f-secure.com/v-descs/false-positive.shtml
• etc.

I am not able to contact all these manufacturers and convince them the exe file is fine (especially that once new version is released I would need to do this all over again).

Especially if its on github its not like you cant go through that source code correct?.

In this app (Simple Video Cutter), same as it is the case of thousands of other open source apps, I use many external, open source libraries (including VLC, velopack, etc.) that are not mine. I simply use/link these libraries to make a final product. I cannot modify their code (dlls), but I strongly believe these libraries are mature enough and trustworthy. Feel free to check them though to have your own opinion.

[trueliarx]

EDIT: I've noted right now that that the source code available is about version 0.29.0.0 while the downloaded (portable) files are about the version 0.31.0.0

---- initial comment ----
It is not about being false positive but the fact that any antivirus (ex. windows defender) is stopping it. Such thing is a big damage to the project, no matter if it is not intended people would prefer to not run the executable.

The problem doesn't show when the executables are compiled from the sources (I've not checked if you've done some changes or the genuinity of the code | no offense intended, anyway I think that you are in good faith).

https://www.virustotal.com/gui/file/9507af71894e83d9ce171cd57039d6602be3d143ce556f03ca30a8b695433654

Except for an heuristic check about the dll
https://www.virustotal.com/gui/file/489dab16449da9c0f66052afa541a13888a50db54561fc472df42ed84ead41cb?nocache=1

---

In my case build.ps1 is unable to compile the project and generates an empty zip.

Velopack seems to be incompatible with my version of .net (2022) that reports problems with --output on compilation time.

C:\Program Files\dotnet\sdk\8.0.204\Current\SolutionFile\ImportAfter\Microsoft.NET.Sdk.Solution.targets(36,5): warning
NETSDK1194: l'opzione "--output" non è supportata durante la compilazione di una soluzione. Se si specifica un percorso
 di output a livello di soluzione, tutti i progetti copiano gli output nella stessa directory, con possibili compilazio
ni incoerenti. [C:\Users\utente\Downloads\simple-video-cutter-development\src\SimpleVideoCutter.sln]
  SimpleVideoCutter -> C:\Users\utente\Downloads\simple-video-cutter-development\src\SimpleVideoCutter\bin\Release\net7
  .0-windows\win-x64\SimpleVideoCutter.dll
  SimpleVideoCutter -> C:\Users\utente\Downloads\simple-video-cutter-development\src\publish\

I personally prefer simpler NSIS installer for both the regular and portable versions of my applications (long time that I don't make one).

[bartekmotyl]

EDIT: I've noted right now that that the source code available is about version 0.29.0.0 while the downloaded (portable) files are about the version 0.31.0.0

Latest sources are the same as used for building version 0.31.0.0 (see here and here). Btw. build.ps1 is an old build file, used before velopack. In order to build using Velopack, please start the prepare-dist.cmd (you need to have Velopack installed)

It is not about being false positive but the fact that any antivirus (ex. windows defender) is stopping it. Such thing is a big damage to the project, no matter if it is not intended people would prefer to not run the executable.

I have just downloaded the latest SimpleVideoCutterApp-win-Portable.zip (0.31.0.0), unpacked to a temp dir, extracted the SimpleVideoCutter.dll (hash 54cc5a454bde3d9ed24e1c8c0cad07da37966ce97edeb47759ba23604cea54d6) and uploaded to virustotal.com. It has not found any issues - see report here

It is not about being false positive but the fact that any antivirus (ex. windows defender) is stopping it. Such thing is a big damage to the project, no matter if it is not intended people would prefer to not run the executable.

When switching to Velopack I wasn't aware the problems with false-positives (I still believe that this what we observe are false-positives; you can even see this on this list that only small fraction of the engines actually detect something). It seems this is the problem other users of Velopack struggle with as well (there are threads on discord exactly about this topic). One of the solutions is to sign the file, but I do not have a proper certificate (they are paid only).

Nevertheless, I fully agree that this is not a good situation and would like to find a solution. On the other hand, Velopack is great in supporting instant updates and much more user-friendly than NSIS installers (although I had not have used NSIS for a while) and main goal of this project is to be as-simple-as-possible to use.

I will maybe consider adding (as part of the release files) also another zip, built with the old script (without Velopack packaging). Then anyone would be able to choose a preferred version.

[bartekmotyl]

I added svc-standalone.zip zip to the list of release files (available already for version 0.31).
It is the same app, but built without Velopack. Requires manual upgrades, but should not be detected as virus (VirusTotal does not report any issues)

[bartekmotyl]

I have also submitted simplevideocutterapp-win-portable.zip and simplevideocutterapp-win-setup.exe (version 0.31) to Windows Defender analysis (see https://www.microsoft.com/en-us/wdsi/filesubmission) and in both cases the verdict was "no malware detected". I think this means Windows Defender will stop blocking these files for other users as well (as long as they have latest definitions).

[trueliarx]

Good. Thank you for your efforts to solve this issue!

[JJW836412]

This is just a bit worrying

[bartekmotyl]

This is just a bit worrying

Where is this dll file coming from? Is it version 0.31? Which variant ? ( SimpleVideoCutterApp-win-Portable.zip / SimpleVideoCutterApp-win-Setup.exe / svc-standalone.zip )

[JJW836412]

This is just a bit worrying

Where is this dll file coming from? Is it version 0.31? Which variant ? ( SimpleVideoCutterApp-win-Portable.zip / SimpleVideoCutterApp-win-Setup.exe / svc-standalone.zip )

0.31.0 Is the version
SimpleVideoCutterApp-win-Portable.zip Is the file

Chrome blocks the download

Inside the zip file, there are 3 items. The `Simple Video Cutter.exe` is the one being flagged

[bartekmotyl]

I have submitted url of the file to https://www.google.com/safebrowsing/static/submit_success.html?hl=en for checking the file. Hope they will analyze the file and remove it from blacklist.