Windows Defender detects v1.15.1 as a trojan #1648
Comments
cactysman
changed the title
|
Same problem |
|
Arf, this is the same problem as #1102 😞 Does it only block |
|
Wow, Windows defender is triggered by v1.15.1 but not by 1.15:
The only source code difference between the two versions is: 9767619 and 633a51e 🤔 |
|
Windows Defender is mad. There are same issues in many repositories. Just allow it or disable it. |
So far it only seems to complain about the |
|
|
|
Hi, should be related - Just got blocked by Chrome on trying to download, getting this message: V1.15 did not triggered such a message. Great tool and thanks for your effort!! |
Yes, I guess it's Windows defender too: https://windowsreport.com/failed-virus-detected-chrome/
I'm not sure there is a simple way to report false positives (and make them confirm that the file does not contain a trojan). |
|
@rom1v did you try to submit the binaries to Microsoft? https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/submission-guide |
|
oh, ok. Just thought it can help in someway. |
|
Thank you for the link.
Contrary to what this page says, as soon as I click on submit, it requires to be logged with some account. I just created an account and submitted "as a software developer" the file |
Yeah, I experienced the same frustration... It might have been available when they first launched the portal. |
|
Is it ok to use v1.15.0 instead? Is it much of a difference ? I've noticed both were published very near each other... |
|
Can confirm:
|
Here is the diff: v1.15...v1.15.1 |
|
@SimonMarquis Doesn't seem so important, no? |
|
It's probably Defender detecting some kind of evil in one of the SHA sums. |
|
@AndroidDeveloperLB no it doesn't seem that important and if v1.15 works for you, I guess you can keep it for now. |
|
For some reason, v1.16 is not detected as a trojan: https://www.virustotal.com/gui/file/3f30dc5db1a2f95c2b40a0f5de91ec1642d9f53799250a8c529bc882bc0918f0/detection 🎉 The problem is not "solved", but now that it seems ok with the latest release, I close this issue since it's a duplicate of #1102. |
I'm not sure to understand why it does not meet their criteria. And in that report, they say "no malware detected" 🤔 |
Microsoft being Microsoft. |
|
@rom1v I rescanned the file through VirusTotal and it says no malware detected from Microsoft anymore, but it is still detected as malware with SecureAge APEX and Rising, but that is not a huge issue. https://www.virustotal.com/gui/file/d07c28b00f59281fc0db77c8ad10fc8f7d6effbd4371331068f62ce2188e6f07/detection |
|
What does it mean "meet our criteria for detection" ? |
I believe what they mean is those files don't meet their criteria for detection as malware. I'm guessing they don't maintain a "false positive signature" list, which is a little disappointing - or they do, and for whatever reason, they chose not to put scrcpy on it, which would be rather disturbing. I hope that is not actually the case. |
|
But it's their AV app that reported it as such... |
Environment
Describe the bug
Windows Defender claims this version of
scrcpycontainsTrojan:Win32/Emali.A!cl.The text was updated successfully, but these errors were encountered: