
Windows (64-bit) download - Flagged by Windows Defender as containing a Virus


I haven't seen any other movement on this one, so I'll try to run with it. Work is kind of rough right now, but I'll try to work this in.

Ways that can help.
First and foremost, the scope of this examination is for Windows 64-bit version, 0.9.2b.64.pc

What I'm looking for, and ANYONE can contribute to this, whether you are having an issue or not, is the MD5 hash of the zip file you pull down from this website, and whether Windows Defender (or any other antivirus tool) is flagging it as potentially malicious. Instructions for determining the hash of a file are available here:
https://support.microsoft.com/en-us/kb/889768
Windows doesn't ship (by default) with an MD5 checksum tool. You can download it here (there are some directions there as well, but not the short-and-sweet version that just gets the job done):
https://support.microsoft.com/en-us/kb/889768

I'm looking at MD5's because it looks like my two different computers downloaded two different versions of what should be the same file. I need to verify that this is taking place. A dynamically generated zip file from a website would make me very curious and slightly suspect.

Honestly, there is a fair probability that the files in question are a false positive. I'm concerned that there are two files, but that could be a simple case of the same writer writing two DLL files and using a line in the code that Windows Defender thinks is an indicator of a malicious file. Windows does have a file submission service, but the way the website is set up, it looks like Microsoft wants vendors to submit. I'm posting here, in hopes that someone from the Fritzing project will either give permission or say "Wait! Don't do that yet!".

Raw file analysis isn't going to happen. It takes more time than I've got, and I'm not betting all of your systems on my skills. Anyone else wants to tackle that, go for it.

So, why the interest in MD5's? MD5's are cryptographic hashes, and they have this pretty cool feature. You can actually test it out yourself. Take a file, and run it through the hashing algorithm, and you'll get something that looks like this: 8cc2fc821e28e2a6ad26b5fcefc83fa563644e44b9cb636f2bb1d500b3118b37

Now, go in and change one thing. Just one tiny thing. Turn a 1 into a 2. The file is the same size, has the same name, etc. To a casual glance (even an in-depth glance), the files are identical. Run it through the same hashing algorithm, you'll get something like this: 7fe0929b50187490ed8b5a91ce587a483ccf1831c8f26da6eb699534129d9766

At a glance, it's dramatically different. But if you run the first file through an MD5 hashing algorithm on any computer, or any website, you'll always get the same hash.
Hashes are relatively unique. It is possible to generate the same hash for a functionally different file, but it is statistically unlikely to happen by chance.

So, if folks start posting up numerous different hashes for the same file, there's something interesting going on (not necessarily malicious).

If someone else tackles parts of this, let me know what you find. Also, Fritzing team, I'm not looking to ruffle any feathers. I've worked on some projects like this, and I know that when I did it, there were insane numbers of people pointing out problems and never enough resources to do anything about it. I'm just looking to help out here. If that's not a good idea, please let me know.
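
The comparison asked for above, as an added example that is not part of the original post: it hashes a download in chunks and groups hashes reported by different people, so more than one distinct file under the same name stands out. The function names, file names and reports are constructed for illustration; reports are bucketed by digest length so that values produced with different algorithms are never compared with each other.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

# Hex digest length identifies the algorithm, so reports made with
# different tools are never compared against each other.
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256"}

def file_digests(path, chunk_size=1 << 20):
    """Hash a file in chunks so a large download is not read into memory at once."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha256.update(chunk)
    return {"md5": md5.hexdigest(), "sha256": sha256.hexdigest()}

def group_reports(reports):
    """Group (reporter, hex_digest, flagged_by_av) tuples by algorithm, then by digest."""
    groups = defaultdict(lambda: defaultdict(list))
    for reporter, digest, flagged in reports:
        digest = digest.strip().lower()          # tools differ in letter case
        algo = ALGO_BY_HEX_LEN.get(len(digest), "unknown")
        groups[algo][digest].append((reporter, flagged))
    return groups

def demo():
    """Two constructed 'downloads' that differ in a single byte."""
    with tempfile.TemporaryDirectory() as tmp:
        a, b = os.path.join(tmp, "a.zip"), os.path.join(tmp, "b.zip")
        payload = b"constructed sample payload 1" * 1000
        with open(a, "wb") as fh:
            fh.write(payload)
        with open(b, "wb") as fh:
            fh.write(payload[:-1] + b"2")        # same size, one byte changed
        da, db = file_digests(a), file_digests(b)
    # Constructed reports: two machines got file a, one got file b.
    reports = [("pc-1", da["md5"], False), ("pc-2", da["md5"].upper(), False),
               ("pc-3", db["md5"], True), ("pc-4", da["sha256"], False)]
    return da, db, group_reports(reports)

if __name__ == "__main__":
    da, db, groups = demo()
    print("a:", da["md5"], "\nb:", db["md5"])
    for digest, who in groups["md5"].items():
        print(digest, "->", who)
```

More than one key under `groups["md5"]` means the reporters did not all receive the same bytes.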

