mhogomchungu / media-downloader

Media Downloader is a Qt/C++ front end to yt-dlp, youtube-dl, gallery-dl, lux, you-get, svtplay-dl, aria2c, wget and safari books.
GNU General Public License v2.0

Windows defender virus detected Trojan:Win32/Wacatac.B!ml #481

Open dspjm opened 4 days ago

dspjm commented 4 days ago

Quarantined and said, "This program is dangerous and executes commands from an attacker."

mhogomchungu commented 4 days ago

I use Linux, I do not use Windows, and I have Windows 10 running in VirtualBox just so that I can develop for Windows, because why not, and this problem of my project being flagged as harmful is putting me in a very awkward place because I know nothing about the Windows platform and its antivirus "feature".

The only thing I can say is that this is a "false positive". If you can silence the warning then please do that.

I looked around for this trojan and I landed here where people are reporting that programs they are writing themselves end up getting detected as having this trojan. Windows Defender does not appear to be working well for a lot of people.

Cirnyan commented 3 days ago

For whatever it's worth, I often see this specific trojan "detected" by Windows Defender in applications that are fairly niche, whether it be graphics demos from scene.org or pouet, oldschool games, or specialized utilities like Media Downloader. My guess is there is some amount of judging an executable based on how many Windows users have run it (possibly how recently as well?). In these cases, try using something like VirusTotal, and if it's only "detected" by Windows Defender it's almost certainly just some part of its heuristics being overly cautious. Here are, for example, the results of the most recent version of Media Downloader: https://www.virustotal.com/gui/file/3871c1a12b5a6b99729dea46e26c53e43b5052e9d83f40c7950ce5f0cbdb684b

And you can verify it for yourself by visiting virustotal.com and inputting the Media Downloader exe yourself (it only hashes the file, so even large files are still very quick to "send").

edit: I should add that they have ways to submit suspected false positives for analysis, but holy moly is it ever a pain to navigate, involving a bunch of manually copy-pasting Windows version numbers, Defender database versions, you name it... In the end, for devs it's probably less of a pain to just inform users that false positives from certain virus scanners do happen.
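The cross-check described in the comment above, as an added example that is not part of the original thread or the project's code: hash the downloaded file locally, then summarise which engines flagged it in a multi-engine report. It assumes the report follows the VirusTotal API v3 layout (`data.attributes.last_analysis_results`); the sample report, the engine names other than "Microsoft", and the function names `sha256_of` and `triage` are constructed for illustration.

```python
import hashlib
import json

# Constructed sample shaped like a VirusTotal API v3 file report.
# Engine names EngineA..EngineD and all verdicts are illustrative, not real scan results.
SAMPLE_REPORT = json.loads("""
{"data": {"attributes": {"last_analysis_results": {
  "Microsoft": {"category": "malicious",  "result": "Trojan:Win32/Wacatac.B!ml"},
  "EngineA":   {"category": "undetected", "result": null},
  "EngineB":   {"category": "undetected", "result": null},
  "EngineC":   {"category": "harmless",   "result": null},
  "EngineD":   {"category": "timeout",    "result": null}
}}}}
""")

# Categories that mean the engine actually produced a verdict.
VERDICT_CATEGORIES = ("malicious", "suspicious", "undetected", "harmless")


def sha256_of(path, chunk=1 << 20):
    """Hash the file locally in chunks, so large installers are cheap to look up."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def triage(report):
    """Summarise which engines flagged the file and whether only one did."""
    results = report["data"]["attributes"]["last_analysis_results"]
    flagged = {name: r["result"] for name, r in results.items()
               if r["category"] in ("malicious", "suspicious")}
    scanned = sum(1 for r in results.values()
                  if r["category"] in VERDICT_CATEGORIES)
    if not flagged:
        verdict = "clean"
    elif len(flagged) == 1 and scanned >= 2:
        verdict = "single-engine"  # the pattern the comment describes
    else:
        verdict = "multi-engine"   # several engines agree: investigate further
    return {"verdict": verdict, "flagged": flagged, "scanned": scanned}


if __name__ == "__main__":
    print(triage(SAMPLE_REPORT))
```

A "single-engine" result is a triage signal rather than proof of a false positive; comparing the output of `sha256_of` with the hash of the release published by the project confirms that the file being judged is the one the project shipped.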

Haikel-G commented 2 hours ago

> I use Linux, I do not use Windows, and I have Windows 10 running in VirtualBox just so that I can develop for Windows, because why not, and this problem of my project being flagged as harmful is putting me in a very awkward place because I know nothing about the Windows platform and its antivirus "feature".
>
> The only thing I can say is that this is a "false positive". If you can silence the warning then please do that.
>
> I looked around for this trojan and I landed here where people are reporting that programs they are writing themselves end up getting detected as having this trojan. Windows Defender does not appear to be working well for a lot of people.

This explication should be added to the readme section.