Microsoft Defender has detected this file as a virus

[AoiNiCo]

Microsoft Defender has detected this file as a virus

[rhonivanpareja]

Yeah i have recieved the same notification on my antivirus, can someone review the changes why the file is being detected?

[Jonyee04]

it seems i am not alone, i got the same virus type, strange because yesterday i played without any warning

[Jonyee04]

i already removed because of security

[Jonyee04]

also, we got a response for the file creator earlier on his own post

So yeah, if you guys don't want to use the file anyways, we need to stick at 60 fps for now

[tuanminh26596]

I know the Developer has put a lot of effort and dedication into maintaining and updating the software until now, I'm really appreciate for that. But the current version is having a lot of problems with Windows Defender, especially when it classifies this software into many different types of viruses.

[Jonyee04]

@tuanminh26596 yeah i appreciate it too, it's nice to have someone like him supporting the comunity, but the only reason i don't let any file that gets a warning in my system it's because i suffered a lot with trojans back then, i think it's a valid point

[Clavus]

I've tried building the project myself and Windows Defender still tripped over the executable Visual Studio spat out. So yeah, it's some virus scanner heuristic that's resulting in a false positive.

I'm not much of a C++ dev myself otherwise it'd be interesting to dive in to see if there's a workaround to avoid the trigger.

[tuanminh26596]

@tuanminh26596 yeah i appreciate it too, it's nice to have someone like him supporting the comunity, but the only reason i don't let any file that gets a warning in my system it's because i suffered a lot with trojans back then, i think it's a valid point

Have to play Genshin at 60 fps on a 2k 164hz monitor is a torture 💀

[Vindfury]

I've tried building the project myself and Windows Defender still tripped over the executable Visual Studio spat out. So yeah, it's some virus scanner heuristic that's resulting in a false positive.

I'm not much of a C++ dev myself otherwise it'd be interesting to dive in to see if there's a workaround to avoid the trigger.

I also built it myself and it worked for some reason. Microsoft isn't detecting it. I did run into this warning Unmanaged.cpp(72,5): warning C4267: 'argument': conversion from 'size_t' to 'DWORD', possible loss of data Other than that it's fine. I'm not a dev at all, but from what I can see, it looks like it depends on your compiler. Mine isn't very updated. I'm currently using Microsoft Visual Studio Community 2022 RC (64-bit) Version 17.0.0 RC3

[Andrejob99]

yes, please fix

[EdwinStoteler]

Looking at the PR to 4.3 update I expect this line in the vcxproj file to be the issue: <UACExecutionLevel>RequireAdministrator</UACExecutionLevel>

At least I don't see any other changes that the program wasn't doing already before. Perhaps someone could make a branch and test it. Make a PR if it works. I don't have the tools installed on my PC (not going to use my work laptop for this).

[MenonPlayz]

The downloadable .exe doesnt get detected by VirusTotal, neither by Malwarebytes.

EDIT: I only sent the link to Virustotal, which doesnt work properly, as @Vindfury pointed out. My bad

I also built it myself and it worked for some reason. Microsoft isn't detecting it.

I tried the same, downloaded Visual Studio 2022, built the source code and scanned it with Windows Defender and Malwarebytes. No detection. Am using the self-built now

[Perceval21]

Porbably the problem is that Win Def is really picky.

[Vindfury]

The downloadable .exe doesnt get detected by VirusTotal, neither by Malwarebytes.

I also built it myself and it worked for some reason. Microsoft isn't detecting it.

I tried the same, downloaded Visual Studio 2022, built the source code and scanned it with Windows Defender and Malwarebytes. No detection. Am using the self-built now but I wouldn't worry too much

Unfortunately, scanning via the download link doesn't work. You need to upload it yourself for VirusTotal to show actual results. I'm curious if you got the same 'size_t' to 'DWORD' warning when you compiled it yourself.

For reference this is what you'll get from VirusTotal if you upload the GitHub exe https://www.virustotal.com/gui/file/40515ad6b9444753609a2c2d7c4da5855796dbdb202f0a0888f9c7e64800772c

And this is what I got when I compiled it myself https://www.virustotal.com/gui/file/8dfd69a737650991637dcd3e38fb57200753540e07b5a3acc98783d23b802644

Maybe you can also check your build if you don't mind uploading yours to VirusTotal as well

[Vindfury]

Looking at the PR to 4.3 update I expect this line in the vcxproj file to be the issue: <UACExecutionLevel>RequireAdministrator</UACExecutionLevel>

At least I don't see any other changes that the program wasn't doing already before. Perhaps someone could make a branch and test it. Make a PR if it works. I don't have the tools installed on my PC (not going to use my work laptop for this).

If I recall correctly, the detection started happening with the v2.1.2 release. I stuck with v2.1.1 because it was working fine for 4.2 anyway

[MenonPlayz]

@Vindfury here is the one I built from source-code. Detections are the same as yours. I updated my previous comment https://www.virustotal.com/gui/file/d67676d592ba760eff701b654080a325a4041b538a260319450ca736aff70316?nocache=1

Im gonna try and build the previous versions

[Vindfury]

@MenonPlayz Thank you! I appreciate it and yeah, I saw your updated post

[Rabydex556]

Hello. 7 hours ago today I received the same error. I tried to reinstall everything and I still get the Windows Defender alert. Hopefully the creator of an explanation or a patch to solve this quickly. I want to enjoy the new event at 120fps :(

[Delpirou-Maxime]

i have the same "issue" but as the dev said, it's a false positive.

You have the same issue with cheatengine for example (windows defender and some other Anti Virus said it's a trojan/malware) but if you download from a trust source there's no problem.

But again you can built in yourself but if i've read correctly even this trigger some Anti-Virus.

I choose to trust the dev.

[MenonPlayz]

Okay, I built everything since the May 29 commit "try to fix unlocker not working on first boot"

The VirusTotal links for my self compiled May 29, November 17 commit, December 6, December 7, December 16, December 17 - 1, December 17 - 2 and December 19 aka latest commit builds seem to show the same detections. They are different from scanning the downloaded exe of the 2.0.0 release, which gives this VirusTotal report.

None get detected by Microsoft Defender (both on my PC and in VirusTotal, I manually selected and scanned all of the exes). While doing this, I realised I should check older releases as a comparison. Release v1.4.2 and Release v1.0.0 did show some slightly different things.

I dont know a lot about malware, am new to C++ and new to this unlocker. So I can only give my findings to y'all

[Rabydex556]

Bien, construí todo desde la confirmación del 29 de mayo "intente arreglar que el desbloqueo no funcione en el primer arranque"

Los enlaces de VirusTotal para mi autocompilación del 29 de mayo , confirmación del 17 de noviembre , 6 de diciembre , 7 de diciembre , 16 de diciembre , 17 y 1 de diciembre , 17 y 2 de diciembre y 19 de diciembre, también conocidas como las últimas compilaciones de confirmación, parecen mostrar las mismas detecciones. Son diferentes de escanear el archivo ejecutable descargado de la versión 2.0.0, que proporciona este informe de VirusTotal .

Microsoft Defender no detecta ninguno (tanto en mi PC como en VirusTotal, seleccioné y escaneé manualmente todos los archivos ejecutables). Mientras hacía esto, me di cuenta de que debería comprobar las versiones anteriores a modo de comparación. La versión v1.4.2 y la versión v1.0.0 mostraron algunas cosas ligeramente diferentes.

No sé mucho sobre malware, soy nuevo en C++ y nuevo en este desbloqueador. Así que sólo puedo darles mis hallazgos a todos ustedes.

Excuse me, can you give me a small class on how to compile from Visual Studio so I can use it in official Genshin? I am 100% new to programming