Fork me on GitHub

Just fired up my Windows 10 VM and fired up Edge browser and after initiating downloading I see:

Bob B22:10:57

yes - windows defender is reporting the 0.10.163 windows zip as a trojan

Bob B22:10:15

it has no complaints about 0.9.162


and how do we know this is for real or not?


someone reports that the scoop install works fine


If I ask defender to scan the zip itself, it reports:


@U026NQLSBLH says on twitter: if he scans the scoop-installed .exe there are no threats found


I think it would be nice to get this in sooner than later. Going for some 💤 now, let's keep an eye on it...


Just tried a scoop update * and…

Updating 'babashka' (0.9.162 -> 0.10.163)
Downloading new version (20.5 MB) [=====================================================================================================================================================] 100%
Checking hash of ... Get-FileHash : The file 'C:\Users\lee\scoop\cache\' cannot be read: Operation did not
complete successfully because the file contains a virus or potentially unwanted software.
At C:\Users\lee\scoop\apps\scoop\current\lib\install.ps1:697 char:21
+ ...          return (Get-FileHash -Path $file -Algorithm $algname).Hash.T ...
+                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ReadError: (C:\Users\lee\ [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : FileReadError,Get-FileHash

ERROR You cannot call a method on a null-valued expression.
Get-Content : Operation did not complete successfully because the file contains a virus or potentially unwanted software.
At C:\Users\lee\scoop\apps\scoop\current\lib\core.ps1:1142 char:16
+         return Get-Content $file -Encoding byte -TotalCount 8
+                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ReadError: (C:\Users\lee\ [Get-Content], IOException
    + FullyQualifiedErrorId : GetContentReaderIOError,Microsoft.PowerShell.Commands.GetContentCommand

ERROR Hash check failed!
App:         scoop-clojure/babashka
First bytes:
Expected:    a81a76b432b47da301ff3192ad97100abe9d98490f16a9d33ff8f6ffcff8f180

Please try again or create a new issue by using the following link and paste your console output:

Bob B23:10:37

I've submitted the file to MS security as a suspected false positive, but I don't really know anything about their review process or turn-around time or anything. The scanner doesn't have any problem with the .exe file, just the .zip.


I remember we had this issue once in the past. I also submitted binary along with a reference to release file on Github so they can analyse it and mark as false positive.

Bob B01:10:39

I think this might be addressed now - MS came back and said they can't reproduce a detection, so I tried on a machine where I've never d/led babashka and Windows is fine with it there


Nice! Can confirm: • download with Edge of now produces no virus warning • scoop update of babashka now installs fine


@U013JFLRFS8 for future ref, where did you submit to Microsoft? Here?:

Bob B04:10:50

yep, that's the site I used


Thanks a lot, glad to hear this is resolved!