I don't know yet. This was only reported recently. Do you know if there's a form I can fill out to file an appeal? Abuses of DNS are very common around the world and we're starting to see a lot more of it in the first world. In the Cosmopolitan repository, we've always had a PNG file checked-in to cope with these kinds of situations. https://github.com/jart/cosmopolitan/blob/master/libc/dns/dn...

You may want to upload the file to virustotal.com

Likely everything you're doing have been done in various Trojans, viruses, etc. You'll need to hack the noosphere at this point

I always upload my binaries to VirusTotal and always have. Like what? Writing assembly? Using the RDTSC instruction? Having a run-length decoder to make lookup tables smaller? I must be a stone cold black hat hacker. Anyone who monitors the behavior of these programs can see they're fully transparent, don't interact with the system weirdly, and they don't have any telemetry. The truth is some virus scanner person wrote an overly broad regex somewhere that's raising false positives due to a completely random occurrence. It might not happen as much to people who use MSVC since it always generates binaries the exact same way. But does that mean we should accept an MSVC monopoly? Because MSVC is the kind of compiler that's been known to insert telemetry into your programs when it wraps main(). Why don't virus scanners complain about that? All I'm trying to do is innovate in this space and create a better alternative. There shouldn't be these kinds of roadblocks to competition. In fact APE doesn't even compete. It's designed to be a complementary format that bridges gaps between communities and helps reduce pain for developers.

It is really annoying little the anti virus industry seems to care for false positives of anything other than the standard compiler output. Even an otherwise perfectly normal .exe compiled from a .c but without a standard compiler-provided start routine makes you an evil hacker writing dangerous programs in my experience. Guess caring about removing unnecessary overhead and bloat is only something virus creators do these days.

Of course if you get these vendors to fix their detections for your program and get google "safe" browsing and virus total (aka google again) to stop slandering your it will only take time before the whole thing starts again - even without any changes to your executables.

And beacuse these are respected™ software companies making the virus allegations your users will of course more often than not tell you to fix your executables when the bug is in their third party anti-virus software.

I'm getting more and more tempted to just not provide any Windows executables for my open source projects :/