Windows Defender started to detect false positives in .exe files few days ago. Anyone else seen this?
Saso
Windows defender's false positives - again
Re: Windows defender's false positives - again
We have to use cylance at my company. Every... And I mean really every compiled file is an Virus in the eyes of this crappy thing. But, this AV don't Block... It only delete after the app is closed and write a mimimi-mail to our admins.
At the end of some days I have around 50 entries for purbasic_compliator.exe and an angry admin, cause He got cylance Spam
At the end of some days I have around 50 entries for purbasic_compliator.exe and an angry admin, cause He got cylance Spam
Re: Windows defender's false positives - again
Virus total detects 4 threats: 6731a79a4e119283603a5fd94ab7dadb0e074d85b5b0f6cc09afc4c397f69eb1
Cynet Malicious (score: 100)
Microsoft Trojan:Win32/Wacatac.B!ml
Rising Trojan.Generic@AI.98 (RDML:63I3Nw4o6D3nwi3wUXZjKw)
SecureAge Malicious
It says that it contacts three IP addresses. I just open/write .txt files. Strange.
Saso
Cynet Malicious (score: 100)
Microsoft Trojan:Win32/Wacatac.B!ml
Rising Trojan.Generic@AI.98 (RDML:63I3Nw4o6D3nwi3wUXZjKw)
SecureAge Malicious
It says that it contacts three IP addresses. I just open/write .txt files. Strange.
Saso
Re: Windows defender's false positives - again
Cyllceaux wrote: Tue Jan 23, 2024 5:57 pm ... this AV don't Block... ... and write a mimimi-mail to our admins...
Made my day Re: Windows defender's false positives - again
I send all my compiled programs to https://www.microsoft.com/en-us/wdsi/filesubmission/ and that usually helps
PB 6.21 beta, PureVision User
Re: Windows defender's false positives - again
Curious about the process here. Is it as simple as submitting our executable using this method, and thereafter all Windows users with up-to-date AV, will then be able to install it without difficulty?zikitrake wrote: Thu Jan 25, 2024 5:34 pm I send all my compiled programs to https://www.microsoft.com/en-us/wdsi/filesubmission/ and that usually helps
In my case, what I've noticed over the past few days, is that when I use Innosetup to compile the setup file, Innosetup complains that a virus was detected, which no doubt has been returned by defender. It didn't happen with the PureBasic compilation and running of the executable, independently of Innosetup.
Re: Windows defender's false positives - again
Cylance is a virus itself without management. You have to request an exclusion path for your app's. Cylance will still monitor, but won't quarantine.Cyllceaux wrote: Tue Jan 23, 2024 5:57 pm We have to use cylance at my company. Every... And I mean really every compiled file is an Virus in the eyes of this crappy thing. But, this AV don't Block... It only delete after the app is closed and write a mimimi-mail to our admins.
At the end of some days I have around 50 entries for purbasic_compliator.exe and an angry admin, cause He got cylance Spam
The nice thing about standards is there are so many to choose from. ~ Andrew Tanenbaum
Re: Windows defender's false positives - again
It's a company AV... I can't configurate that thing.skywalk wrote: Thu Jan 25, 2024 8:07 pm Cylance is a virus itself without management. You have to request an exclusion path for your app's. Cylance will still monitor, but won't quarantine.
