This repository has been archived by the owner on Apr 3, 2022. It is now read-only.

Detected as trojan by Windows Defender #53

Open
elskewe opened this issue Oct 8, 2019 · 12 comments
Labels
duplicate This issue or pull request already exists help wanted Extra attention is needed

Comments

@elskewe

elskewe commented Oct 8, 2019

In the wiki you say

Lastly, you should know that the only antivirus software you need is Windows Defender. It is very good at its job, and usually it won't register false-positives like this.

I'm afraid Microsoft Defender detected it as a trojan just today. This is the alert:

image

@IdmFoundInHim

IdmFoundInHim commented Oct 9, 2019

v1.1.5 seems to be causing fits. It was caught by Bitdefender Advanced Threat Defense (admittedly prone to false positives) as Gen:Variant.Ursu.637702, Trojan.GenericKD.41851507, and a few other things that I ignored. When I tried to reinstall, the download was flagged by Bitdefender Web Security, but v1.1.4 checked out.

@sriharshachilakapati

It is detected as unwaders for me:

image

@spikespaz
Owner

spikespaz commented Oct 10, 2019

I noticed the same thing, but was hoping that it was only me. I already have investigated this a little bit. VirusTotal scores don't look good either. I switched the compiler to MSVC++ 2019, and I think that's what's causing the issues. I don't know what compiler I was using to distribute the older versions because having it not be on 2019 was a mistake. I think LDC2 found some compiler and linker from MinGW-64 for versions prior to 1.1.5, and Defender did not flag that. I will also look into changes and see if I introduced some algorithm that the antiviruses don't like. I thought that it may be detecting some new code in ards.minigui, but versions prior to 1.1.5 also had that code. I'll check changes in that git submodule.

Aside from fixing whatever caused the program to be detected, does anybody know how to file a false-positive with Microsoft?

It's also strange that the same binary is approved by MS in the store version. If you want to use the one that's already signed and vetted by MS, get a free license.

@spikespaz
Owner

spikespaz commented Oct 10, 2019

The false-positive is introduced as of two commits 423b046 and 3fbb991. Or the introduction of engines.txt locally or remotely.

@spikespaz
Owner

@ninchuka

Malwarebytes is picking it up as generic.malware now
image

@spikespaz
Owner

I don't know what to do about this other than ask you all to report false-positives.

@leblaze

leblaze commented Dec 2, 2019

Dec 2019, a shit ton of trojans detected in VirusTotal

@IdmFoundInHim

IdmFoundInHim commented Dec 2, 2019

Perhaps we need to roll back to 1.1.4 or release 1.1.5 again without engines.txt
Now, the store version is also getting flagged by Bitdefender

@xmha97

xmha97 commented Mar 11, 2020

Windows Defender deletes the setup file and doesn't allow me to install it.
Please sign APPX package.
image

@spikespaz
Owner

spikespaz commented Mar 11, 2020

@xmha97 If you want to pay for it, I will sign the installer. If you want a signed APPX, go get it from the Microsoft Store.

Otherwise, change the action to "Allow on device"

@spikespaz
Owner

Link to older issue, this is a duplicate: #37

@spikespaz spikespaz added duplicate This issue or pull request already exists help wanted Extra attention is needed labels Jun 25, 2020