Windows defender reports Wactatac.B!ml malware

[MNeMoNiCuZ]

[hbl917070]

I can’t do anything about this antivirus software misjudgment issue. Some antivirus software seems to be particularly sensitive to applications compiled into Native AOT, and I’m powerless in this situation.

[MNeMoNiCuZ]

Understood. There's no place you can submit the program to, to make it check and verify if it's benign?

[hbl917070]

I have already tried submitting Tiefsee.zip to the following website. https://www.microsoft.com/en-us/wdsi/filesubmission/

[MNeMoNiCuZ]

It's funny since the store version works just fine. And they still block the other :(

[hbl917070]

I think it’s a minor issue that the zip file is judged as a virus. After all, for general users, it’s difficult to determine whether an exe from the internet is risky. However, I’m quite helpless when some antivirus software even judges the store version of Tiefsee as a virus. For example: Trend Micro.

[hbl917070]

I am using NamedPipeClientStream to replace HttpClient, theoretically this can reduce the chance of being misjudged as a Trojan. Try downloading the Nightly version of Tiefsee.zip to see if it is misjudged as a Trojan. https://github.com/hbl917070/Tiefsee4/releases

[MNeMoNiCuZ]

This version appears to be working fine.

After a Windows Update, it once again flagged the previous version.

This new version (4.2.3) seem to not trigger any detection.

[TonyBaldascino]

Appears that 4.2.3 is now being detected on Windows as well as 20+ vendors on VirusTotal.

[MNeMoNiCuZ]

I got the same issues. Is the program self-updating? I didn't ask for it to get updated :(

[hbl917070]

Tiefsee 4.2.4 no longer uses .NET AOT for compilation, theoretically it will not be misidentified by antivirus software.