C
C#13mo ago
etet2

❔ Windows Defender false positives my application

after updating from dotnet 6 to 7 my game gets false positived by windows defender both when compiling myself and on the users end(there was a few time where i managed to compile without issues ands send over the files). i downgraded back to net6 but the issue seems to have persisted. Any clues how to fix this without just adding exceptions into windows defender?
7 Replies
etet2
etet213mo ago
seems like it's a ML based false positive
etet2
etet213mo ago
there really isnt anything i can about this is sad
arion
arion13mo ago
Many security vendors have a false positives appeals link, could look if that one has. For example: secureage (one of the vendors on the virustotal list) has an appeals process like this: https://www.secureage.com/support/report-false-positive though I believe many of them would only change it for that specific version of your application (it's hash) as they dont rly want to change their detection methods. Anyway, 1 hit hardly seems to be an issue, I think its more from Windows Defender's side an issue. The issue may be linked to defender's analysis of the behaviour of your .dll. Have you tried building it in Release mode by any chance? The virus total only lists some of these actions:
arion
arion13mo ago
IsDebuggerPresent can be seen as malicious, but in a debug build thats obviously not the case
mtreit
mtreit13mo ago
You should submit the file that is being detected here: https://www.microsoft.com/en-us/wdsi/filesubmission
Submit a file for malware analysis - Microsoft Security Intelligence
Submit suspected malware or incorrectly detected files for analysis. Submitted files will be added to or removed from antimalware definitions based on the analysis results.
mtreit
mtreit13mo ago
This particular detection has been causing a lot of false positives on .NET programs and there are people on the Defender team looking into how to fix it.
Accord
Accord13mo ago
Was this issue resolved? If so, run /close - otherwise I will mark this as stale and this post will be archived until there is new activity.
Want results from more Discord servers?
Add your server
More Posts
❔ ✅ Access variable from another scriptIm trying to make a project in WFA and i want to access a variable from my main form in a diff scrip❔ Tesseacti visit WebSite But I didn't understand anything any one help me pls❔ XAML - The property 'Content' is set more than onceI recently began working with XAMl, but I'm can't get my head around with this error message "The P✅ JSON serializing Optional type throws an exception(?)`Newtonsoft.Json.JsonWriterException: Token PropertyName in state Property would result in an invali❔ Iteration over multiple objects at the same timeHow do I iterate through several objects at the same time. Supposedly the objects have the same prop❔ accessing collections via principal entity vs directly on dbsetwhat is generally preferred if i want the accommodations of a listing (WITH resource ownership check✅ How to deploy gRPC Server + Client via dockerI wish to have a gRPC server and multiple clients connected to said server. In my current setup, I h❔ How to "mute and resume" in RiderWhen I have an exception breakpoint for all CLR exceptions, when the debugger halts for an exception❔ Best way to set up a websocket and API to access the data?I'm working on a website that gathers data through a websocket on the backend, using raw UDP packets❔ Blazor WebassemblyTrying to put an image into a canvas so I can use coordinates to place images in different spots. Tr