PureBasic Forums - English

Windows Defender started to detect false positives in .exe files few days ago. Anyone else seen this?

Saso

We have to use cylance at my company. Every... And I mean really every compiled file is an Virus in the eyes of this crappy thing. But, this AV don't Block... It only delete after the app is closed and write a mimimi-mail to our admins.

At the end of some days I have around 50 entries for purbasic_compliator.exe and an angry admin, cause He got cylance Spam

Virus total detects 4 threats: 6731a79a4e119283603a5fd94ab7dadb0e074d85b5b0f6cc09afc4c397f69eb1

Cynet Malicious (score: 100)
Microsoft Trojan:Win32/Wacatac.B!ml
Rising Trojan.Generic@AI.98 (RDML:63I3Nw4o6D3nwi3wUXZjKw)
SecureAge Malicious

It says that it contacts three IP addresses. I just open/write .txt files. Strange.

Saso

Cyllceaux wrote: Tue Jan 23, 2024 5:57 pm ... this AV don't Block... ... and write a mimimi-mail to our admins...

Made my day

I send all my compiled programs to https://www.microsoft.com/en-us/wdsi/filesubmission/ and that usually helps

zikitrake wrote: Thu Jan 25, 2024 5:34 pm I send all my compiled programs to https://www.microsoft.com/en-us/wdsi/filesubmission/ and that usually helps

Curious about the process here. Is it as simple as submitting our executable using this method, and thereafter all Windows users with up-to-date AV, will then be able to install it without difficulty?

In my case, what I've noticed over the past few days, is that when I use Innosetup to compile the setup file, Innosetup complains that a virus was detected, which no doubt has been returned by defender. It didn't happen with the PureBasic compilation and running of the executable, independently of Innosetup.

Cyllceaux wrote: Tue Jan 23, 2024 5:57 pm We have to use cylance at my company. Every... And I mean really every compiled file is an Virus in the eyes of this crappy thing. But, this AV don't Block... It only delete after the app is closed and write a mimimi-mail to our admins.

At the end of some days I have around 50 entries for purbasic_compliator.exe and an angry admin, cause He got cylance Spam

Cylance is a virus itself without management. You have to request an exclusion path for your app's. Cylance will still monitor, but won't quarantine.

skywalk wrote: Thu Jan 25, 2024 8:07 pm Cylance is a virus itself without management. You have to request an exclusion path for your app's. Cylance will still monitor, but won't quarantine.

It's a company AV... I can't configurate that thing.