Editing a file triggers a ransomware antivirus alert
I am writing a program that works with a replay API from League of Legends, this requires the user to edit a config file in their game folders. I had the idea to offer the choise for the program to do this automatically, I have gotten so far as to ask for administrator permissions and try to edit the file, but this results in an antivirus popup. I understand why it's happening, but I'm wondering if there is any way around this?
9 Replies
If it warns you about ransomware, make sure it isn't one!
Ransomware's are very dangerous and should not be ignored.
For you cannot simply remove one, you have to reinstall the entire machine (including formatting the disks) to remove it.
Ah I meant that the program I am coding is getting falsely flagged as ransomware
You can allow it in defender, or submit it to https://www.microsoft.com/en-us/wdsi/filesubmission as a software developer to have a microsoft guy take a look and see if they can update the definition to not have it flag as ransomware
Submit a file for malware analysis - Microsoft Security Intelligence
Submit suspected malware or incorrectly detected files for analysis. Submitted files will be added to or removed from antimalware definitions based on the analysis results.
This is the piece of code that is triggering this alert, it's being triggered because "test.txt" is in the Documents folder
that won't trigger a ransomware flag
are you sure it's flagging your program?
Here's the popup
@rtreit (not sure if you're good with being pinged for things like this. let me know and i won't do it again)
oh that's not defender
couldn't tell you, you'd have to ask avast
sorry rtreit 😦
🙂
alright