Windows Defender Trojan alert for lnd.exe in \resources\assets\bin\win32\

[jaimenm]

Description

Windows Defender Trojan alert for \resources\assets\bin\win32\lnd.exe Trojan:Script/Cloxer.D!cl

Steps to reproduce the behavior

At opening the wallet after 30 days without using it. Autoupdates on. First installed version: Lightning-win32v0.2.1-alpha.exe Current version: 0.3.2.2366

[molxyz]

@jaimenm It must be a false positive. Which windows version are you using? You can also use other antivirus software to test. Also, that lightning-app version is very old. You can get the latest version from here: https://github.com/lightninglabs/lightning-app/releases .

[jaimenm]

Ok thanks. I was using Windows 8. Trying to update lightning-app to the latest version.

[molxyz]

@jaimenm I'm on Windows 10, also got the same message from Windows Defender about this "Trojan". I let windows quarantine it, then i deleted it from history, but after that I could not get the app to run. So I had to redownload the app, Windows Defender popped up the alert message again and quarantined the "trojan" again, but I went in the quarantine section and allowed it, then the app could run normally.

However, this is bad for the app design, and i would like to ask @tanx and @Roasbeef to please look into this. There has to be a way to fix this, or windows users won't use the app. Thanks.

[tanx]

Mmmh. Unfortunately we have no insight into the heuristics windows uses to identify a trojan. Perhaps once the number of users goes up after our mainnet launch windows will stop triggering the false positive.