rejetto forum

Too many antivirus engine think hfs.exe is a virus...

ccieliu · 8 · 10323

0 Members and 1 Guest are viewing this topic.

Offline ccieliu

  • Occasional poster
  • *
    • Posts: 1
    • View Profile
Hi Team,

I am a user from Cisco.
Today, when I upgrade from hfs 2.3k build 299 to 2.3m build 300.
The McAfee delete the hfs.exe.

and I submit to virustotal.. too many antivirus block it.
[Please replace protocol by "https" in below link]
https://www.virustotal.com/en/file/e678899d7ea9702184167b56655f91a69f8a0bdc9df65612762252c053c2cd7c/analysis/1545445021/

Could you please check for this issue?
very love this software, and using it everyday.


Bruce Liu.
« Last Edit: December 25, 2018, 06:00:32 PM by Mars »


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 911
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
After downloading a fresh download/install and having them re- analyse the program again, i can confirm your results a 20/60 AV detection...


BUT! ... there is still no issues, nor anythign wrong with this program. these are False postive detections from the antivirus programs ... As the "AV" also looks at outgoing traffic.

most Popoular AV either detect them and report them as "pups" potenail unwanted programs
or as what it is
a http web server.

----------------------

the only thing i can do is re file reports like when i did for windows defender to stop some deletion and other, as this is a open source program and it code is public...

there are also some newer "AV" about of there test that are for android phone most of them are what caused it to drop in score and don't have a very good rep(from what i can tell) on there definition yet.

there was a jump between the ajax and jqurey security update and code changeover that started detection due to a self zip/executable(where hfs holds the offline version for lan use of jqurey) with in the program (something got bigger and alot of "AV" started to flag it due to a size in file change...

------------------
*IF you want them to go down them file reports linking to the source code, this forum and the download link.

Macfee changed there report stuff, i've filed reports with success at "lowering the threat level" (detected as pups or the win32 - http web services)

theirs nothing more i can do to "lower a 3rd party site annalists of the program. that up to the people who use them and to what extent they are being used.

NOW then onto Https -- hfs is using http protcal to do ftp transaction (alot more going on but that is the short term) if you want https you wil have to use another program.
*search the forum.. look into stunnel.
Files I have snagged and share can be found on my google drive:

https://drive.google.com/drive/folders/1qb4INX2pzsjmMT06YEIQk9Nv5jMu33tC?usp=sharing



Offline LeoNeeson

  • Tireless poster
  • ****
    • Posts: 857
  • Status: On hiatus       (sporadically here)
    • View Profile
    • twitter.com/LeoNeeson
Hi Bruce, welcome to the forum! :)

That's an old issue, but nothing to worry about.
HFS is safe to use and those are false positives.



The solution is that Rejetto signs the executable (sadly the costs of Certum.eu are higher now, starting at €25 and inexplicably requiring sending them a lot of documents to verify the identity, but it's still possible to get 1 year of Code Signing for €17 on Ascertia.com, and Ascertia is even giving free trial certificates, provided with a 30-day validity, enough for the purpose of signing the executable).
HFS in Spanish (HFS en Español) / How to compile HFS (Tutorial)
» Currently taking a break, until HFS v2.4 get his stable version.


Offline ThomassRichards

  • Occasional poster
  • *
    • Posts: 1
    • View Profile
So I can install, it without a problems?
Welcome to the Oakywood store. It's a gift shop, with beautiful things. These are items like wood laptop stand.


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 911
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
Yes, but hfs is a portable excutable. No insulation windows or process.

Fhfs has a install process due to ftp filezilla.
Files I have snagged and share can be found on my google drive:

https://drive.google.com/drive/folders/1qb4INX2pzsjmMT06YEIQk9Nv5jMu33tC?usp=sharing


Offline LeoNeeson

  • Tireless poster
  • ****
    • Posts: 857
  • Status: On hiatus       (sporadically here)
    • View Profile
    • twitter.com/LeoNeeson
So I can install, it without a problems?
Yes, but always verify that the MD5 checksum matches the file released by rejetto.

By the way, this thread is about HFS, but it was posted on the &RQ section (and it should be moved)
HFS in Spanish (HFS en Español) / How to compile HFS (Tutorial)
» Currently taking a break, until HFS v2.4 get his stable version.


Offline Fysack

  • Tireless poster
  • ****
    • Posts: 598
  • present picture
    • View Profile
    • Admin