Same here. The SHA256 sum doesn't correspond.

SHA256 at Golang site: 034b5bbe2337f69c5f9c0b533171b1a7a32ad30ca8dff963105aaf026601150a
SHA256: 13515401fc5e8e2959ee37413f9d2af934e2bfbba87a2a4d7a1c6058a9dbe6d5

Can't confirm.

hanaharu ~/ sha256sum go1.12.1.windows-amd64.msi 
034b5bbe2337f69c5f9c0b533171b1a7a32ad30ca8dff963105aaf026601150a  go1.12.1.windows-amd64.msi

Adding Location in case of MITM/Proxy issues: LA, North America

You might have an existing virus or malware that's MITMing your downloads.

See https://golang.org/doc/faq#virus

If I use Firefox instead of Chrome the save file is downloaded... This is normal?

Maybe your machine is infected with software that targets Chrome.

In any case, your machine's probably infected. You might want to clean it or nuke it and reinstall.

wget it :)

Same problem here. Downloading 1.11.6 works fine.
Version 1.12.1 triggers chrome thread protection and downloading any other way the anti-virus is triggered.

Tested on a completly fresh system.

Downloading the msi with an linux machine triggers anti-virus too. So there seems to be a Problem with the msi on the server.

Downloaded Zip hash is correct, but my AV makes alarm. Virustotal shows 2 trojans

https://www.virustotal.com/gui/file/644d6d5ecbdbfe13a98851dcb51cba502735d8bdabc2dc646ca96bb22db40230/detection

Downloading 1.11.6 works fine.

I think this case is false positive. Got the windows defender to allow so I could get the download. Then I ran the SHA256 hash check and it matched with the hash on golang site. Then I uploaded the download to virustotal.com, the analysis showed it passed with all flying green color.

Still not sure so I downloaded it again on commandline curl -O https://storage.googleapis.com/golang/go1.12.1.windows-amd64.msi , then I checked the sha256 hash again, it matched. Ran it thru virustotal.com again, all passed in green.

Also not sure so I scanned the whole system, took almost all day... No virus found.