Would Personal Builds run win-11? - Page 2

a1call · 2021-07-30, 19:41

FTR my Antivirus software just reported that it blocked a suspicious activity by WhyNotWin11.

Can a Mod please remove the links and references in post-1.

If you have run the software already please note the warning.

Apologies for the posting. I thought it would be safe based on the cnet article.

Uncwilly · 2021-07-30, 21:00

I broke the links. Anyone who wants to investigate it will have to do some assembly work.

a1call · 2021-07-30, 21:03

Acknowledged with thanks.
FTR I did not have any warnings the 1st time I ran it when I initially posted.
Only when I ran it today.

henryzz · 2021-07-30, 21:49

It wouldn't surprise me if it is an oversensitive AV complaining because it is doing fairly invasive checks.

a1call · 2021-07-30, 22:38

Well, the thing is I did not have a warning the 1st time I ran the program (Or at least I can't remember to).
There are not any other complaints indexed by google anywhere so far.
The attachment is a screenshot from my AV.

a1call · 2021-07-31, 04:52

I googled:
whynotwin11 malware

The site www. joesandbox. com reports it as Malicious:

Quote:

System Summary:
barindex
Binary is likely a compiled AutoIt script file
Show sources
Malware Analysis System Evasion:
barindex
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Show sources
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Show sources
Queries sensitive service information (via WMI, Win32_LogicalDisk, often done to detect sandboxes)
Show sources
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
Show sources
Query firmware table information (likely to detect VMs)

Here is a closed GitHub discussion regarding false ownership:

https://github.com/rcmaehl/WhyNotWin11/issues/66

a reddit discussion:

Quote:

This website is not affiliated with the creator of the program. Although it uses a good download link at the time of this writing, I don't suggest anybody link others to this website, as they can change the link to a malicious one at any time.

UPDATE: They have switched the download link. Absolutely do not use.

https://www.reddit.com/r/Windows11/c...hynotwin11com/

From Norton "File-Insight":

Quote:

Filename: WhyNotWin11.exe

____________________________

____________________________

Developers
Not Available

Version
2.3.0.3

Identified
2021-07-02 at 6:10:19 PM

Last Used
2021-07-30 at 3:31:50 PM

Startup Item
No

____________________________

Many Users
Thousands of users in the Norton Community have used this file.

Mature
This file was released 30 days ago.

Bad
There are many indications that this file is untrustworthy.

Another closed discussion from github:
Multiple Vendors False Positives #49
https://github.com/rcmaehl/WhyNotWin11/issues/49

henryzz · 2021-07-31, 12:14

That list is things we would expect it to do.

S485122 · 2021-07-31, 14:25

Quote:

Originally Posted by henryzz

That list is things we would expect it to do.

Indeed.
Most antivirus software do not like administrative tools (which they often categorise as hack tools.) Just try to retrieve the serial numbers of the installed software : most of the tools will be blocked by the "antivirus" software.

Jacob

2021-07-30, 21:03	#14
a1call "Rashid Naimi" Oct 2015 Remote to Here/There 2,063 Posts	Acknowledged with thanks. FTR I did not have any warnings the 1st time I ran it when I initially posted. Only when I ran it today. Last fiddled with by a1call on 2021-07-30 at 21:07

2021-07-30, 22:38	#16
a1call "Rashid Naimi" Oct 2015 Remote to Here/There 2,063 Posts	Well, the thing is I did not have a warning the 1st time I ran the program (Or at least I can't remember to). There are not any other complaints indexed by google anywhere so far. The attachment is a screenshot from my AV. Attached Thumbnails

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
How to avoid the dirty flag in gpuowl builds?	azhad	Information & Answers	7	2021-04-03 01:53
Gpuowl Windows builds	kriesel	GpuOwl	27	2021-03-03 01:11
ARM builds and SIMD-assembler prospects	ewmayer	Mlucas	183	2019-02-25 08:17
Running 32-bit builds on a Win7 system	ewmayer	Programming	34	2010-10-18 22:36
Personal Supercomputer?	georgekh	Hardware	39	2004-11-07 00:55

2021-07-30, 19:41	#12
a1call "Rashid Naimi" Oct 2015 Remote to Here/There 2,063 Posts	FTR my Antivirus software just reported that it blocked a suspicious activity by WhyNotWin11. Can a Mod please remove the links and references in post-1. If you have run the software already please note the warning. Apologies for the posting. I thought it would be safe based on the cnet article.

2021-07-30, 21:00	#13
Uncwilly 6809 > 6502 """"""""""""""""""" Aug 2003 101×103 Posts 23162₈ Posts	I broke the links. Anyone who wants to investigate it will have to do some assembly work.

2021-07-30, 21:49	#15
henryzz Just call me Henry "David" Sep 2007 Cambridge (GMT/BST) 2·3³·109 Posts	It wouldn't surprise me if it is an oversensitive AV complaining because it is doing fairly invasive checks.

2021-07-31, 12:14	#18
henryzz Just call me Henry "David" Sep 2007 Cambridge (GMT/BST) 5886₁₀ Posts	That list is things we would expect it to do.