flyingpie / windows-terminal-quake

Enable Quake-style dropdown for (almost) any application.
https://wtq.flyingpie.nl
MIT License
598 stars 39 forks

Windows Defender Threat Detected Win32/Wacatac.D1!ml #16

Closed Ugenx closed 4 years ago

Ugenx commented 4 years ago

I am assuming this is a false positive having to do with dotnet core, as I found references to a similar situation happening with the dotnet SDK itself when people are building it from source (https://github.com/dotnet/runtime/issues/35167), but I just figured I'd let you know that this is happening:

[image]

flyingpie commented 4 years ago

Hello @Ugenx!

Thank you for reporting this. Though it's common for lesser-known apps to be flagged by virus scanners, the app doesn't actually run on .NET Core.

I'm not sure if there's anything I can do to prevent this. Maybe signing the app with a paid-for certificate, or submitting to VirusTotal and hoping tons of people will use it :)

Ugenx commented 4 years ago

Whoops, silly me for assuming! I'm sure it has to do with the way you hook into/call the process; I too am not sure what can be done to prevent it. FWIW, I just clean-installed my operating system last night, as I had been dealing with some game performance issues since upgrading to Windows 10 2004, and it has yet to flag the program again. The previous installation also took a few days of running it before it detected/quarantined the executable as well, which is curious.

pnuzhdin commented 4 years ago

I can confirm, I have the same issue.

shashank-shekhar commented 4 years ago

I built the latest and submitted the .exe to VirusTotal and got one detection: Qihoo-360 HEUR/QVM03.0.9D9B.Malware.Gen.
Quick Googling suggests that it is possibly a false positive because it's an .exe without a signed certificate.

metya commented 4 years ago

I confirm that. Now it is not working even after granting permission and whitelisting the app in Windows Defender, and even after redownloading the app.

flyingpie commented 4 years ago

So I assume that the only way to not be flagged by virus scanners would be to sign the app, which I'm not intending to do (these are fairly pricey).

Unless this otherwise impacts usability of the app, I'm gonna close this issue. The app is open source, small and easy-to-build, so I'm not too interested in the trust-factor here.