C
C#•2y ago
h0la

Editing a file triggers a ransomware antivirus alert

I am writing a program that works with a replay API from League of Legends, this requires the user to edit a config file in their game folders. I had the idea to offer the choise for the program to do this automatically, I have gotten so far as to ask for administrator permissions and try to edit the file, but this results in an antivirus popup. I understand why it's happening, but I'm wondering if there is any way around this?
9 Replies
Buddy
Buddy•2y ago
If it warns you about ransomware, make sure it isn't one! Ransomware's are very dangerous and should not be ignored. For you cannot simply remove one, you have to reinstall the entire machine (including formatting the disks) to remove it.
h0la
h0laOP•2y ago
Ah I meant that the program I am coding is getting falsely flagged as ransomware
JimmahDean
JimmahDean•2y ago
You can allow it in defender, or submit it to https://www.microsoft.com/en-us/wdsi/filesubmission as a software developer to have a microsoft guy take a look and see if they can update the definition to not have it flag as ransomware
Submit a file for malware analysis - Microsoft Security Intelligence
Submit suspected malware or incorrectly detected files for analysis. Submitted files will be added to or removed from antimalware definitions based on the analysis results.
h0la
h0laOP•2y ago
This is the piece of code that is triggering this alert, it's being triggered because "test.txt" is in the Documents folder
JimmahDean
JimmahDean•2y ago
that won't trigger a ransomware flag are you sure it's flagging your program?
h0la
h0laOP•2y ago
Here's the popup
JimmahDean
JimmahDean•2y ago
@rtreit (not sure if you're good with being pinged for things like this. let me know and i won't do it again) oh that's not defender couldn't tell you, you'd have to ask avast sorry rtreit 😦
rtreit
rtreit•2y ago
🙂
h0la
h0laOP•2y ago
alright
Want results from more Discord servers?
Add your server