neon-dev / RDPHotkeyHelper

Listens for media keys when working within a remote desktop session
MIT License
50 stars, 3 forks

Many AV programs flag the compiled release version as a virus/trojan #3

Closed NiyaShy closed 1 year ago

NiyaShy commented 1 year ago

Hey, thanks for creating this little tool; it's really helpful in home-office setups.

The only issue is that the compiled exe you released gets flagged by a lot of AV programs. I noticed it first a few days ago when a device running G Data AV blocked it, and today my other computer running Windows Defender also quarantined it.

Since a version I compiled myself from your AHK script works fine without any alerts, I'd guess it's because you activated compression during compilation. Those packers are quite frequently (also) used by malware, so quite a lot of AV engines react to them.
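One way to check the packer hypothesis raised above, as an added example written for this page and not code from the RDPHotkeyHelper project: a standard-library-only Python script that parses the PE section table and reports the two signals AV heuristics key on, known packer section names (UPX0/UPX1 are what UPX leaves behind) and high per-section entropy. The packer name list and the 7.0 bits/byte threshold are assumptions, and the PE image it runs on is constructed inline so the script works offline; point `analyze()` at the bytes of a real release exe to check it.

```python
"""Heuristic packer check for a Windows PE file (added example, standard library only)."""
import hashlib
import math
import struct
from typing import Dict, List, Tuple

# Section names left behind by common packers. AutoHotkey's compiler uses UPX
# when compression is enabled; the rest are assumptions, not an exhaustive list.
PACKER_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", ".MPRESS1", ".MPRESS2", ".aspack", ".petite"}
HIGH_ENTROPY = 7.0  # bits per byte (assumed threshold); compressed data sits close to 8.0


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; 0.0 for empty input."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes) -> List[Dict]:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if pe[:2] != b"MZ":
        raise ValueError("not a PE file: no MZ header")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: no PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + opt_size  # section table follows the optional header
    sections = []
    for i in range(num_sections):
        off = table + 40 * i
        name = pe[off:off + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr = struct.unpack_from("<II", pe, off + 16)  # SizeOfRawData, PointerToRawData
        data = pe[raw_ptr:raw_ptr + raw_size]
        sections.append({"name": name, "raw_size": raw_size, "entropy": shannon_entropy(data)})
    return sections


def analyze(pe: bytes) -> Dict:
    """Report the signals an AV heuristic keys on, plus the hash for a VirusTotal lookup."""
    sections = parse_sections(pe)
    reasons = []
    for s in sections:
        if s["name"] in PACKER_SECTION_NAMES:
            reasons.append(f"section {s['name']!r} is a known packer section name")
        if s["raw_size"] and s["entropy"] >= HIGH_ENTROPY:
            reasons.append(f"section {s['name']!r} has entropy {s['entropy']:.2f} bits/byte")
    return {
        "sha256": hashlib.sha256(pe).hexdigest(),  # search this hash on VirusTotal instead of uploading
        "sections": sections,
        "packed": bool(reasons),
        "reasons": reasons,
    }


# --- constructed test image so the script runs offline (not a real executable) ---

def pseudo_random_bytes(n: int, seed: bytes = b"rdphotkeyhelper") -> bytes:
    """Deterministic high-entropy filler (hash chain) standing in for compressed code."""
    out, block = b"", seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out += block
    return out[:n]


def build_sample_pe(sections: List[Tuple[bytes, bytes]]) -> bytes:
    """Minimal PE image carrying only the fields parse_sections() reads; not loadable."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 0  # optional header omitted; SizeOfOptionalHeader says so
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x102)
    data_off = e_lfanew + 4 + 20 + opt_size + 40 * len(sections)
    headers, blobs = b"", b""
    for name, data in sections:
        # Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData,
        # relocation/line-number fields (unused here), Characteristics
        headers += name.ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", len(data), 0x1000, len(data), data_off + len(blobs), 0, 0, 0, 0, 0x60000020)
        blobs += data
    return dos + b"PE\0\0" + coff + headers + blobs


if __name__ == "__main__":
    packed = build_sample_pe([(b"UPX0", b""), (b"UPX1", pseudo_random_bytes(4096))])
    plain = build_sample_pe([(b".text", b"\x55\x8b\xec\x5d\xc3" * 800), (b".data", b"\0" * 512)])
    for label, image in (("packed", packed), ("plain", plain)):
        result = analyze(image)
        print(label, result["sha256"][:16], "packed=%s" % result["packed"], *result["reasons"], sep="\n  ")
```

The two checks are deliberately combined: a large compressed resource in an unpacked binary can also score near 8 bits/byte, so entropy alone is a weak signal, while a UPX section name on a file that was supposed to ship uncompressed settles the question. The SHA-256 is printed because VirusTotal can be searched by hash, which avoids uploading a file that the scanner on the machine keeps quarantining.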

neon-dev commented 1 year ago

That's correct. I did not have any trouble with Windows Defender, so I expected it to be fine for most people. I'd rather submit the file for whitelisting than replace the executables in the release section. What AV programs flagged it other than G Data? If Windows Defender also blocks it, then that must be new.

NiyaShy commented 1 year ago

Just checked my Defender logs, and the actual first time it flagged the exe as malware was on 2022-12-09, so already on Friday. I just noticed today because I was wondering why the tool wasn't running. And when I noticed the issue with G Data (which was probably also last week), I managed to upload it to VirusTotal after a few tries and scanner exclusions. I don't have the result link at hand (because that all happened on another device), but IIRC over 40 of the ~70 scanners VT used reported that the tool is malware, so it's not just one or two scanners.

neon-dev commented 1 year ago

I've submitted the false positive to Microsoft now. After that's resolved, maybe we should wait a few days before running a new check on VirusTotal to see what's left.

neon-dev commented 1 year ago

Should be fine now: https://www.virustotal.com/gui/url/c7823aaa8bd754662edec5d9f0b1be980bce80720eb5c28b36dcb2e20459497a?nocache=1