Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Windows Defender is flagging the portable exe as Trojan #139

Closed
VesperLlama opened this issue Jul 20, 2021 · 8 comments
Closed

[Bug] Windows Defender is flagging the portable exe as Trojan #139

VesperLlama opened this issue Jul 20, 2021 · 8 comments
Assignees
@jely2002
Labels
bug Something isn't working priority Something breaking, with high priority

Comments

@VesperLlama
Copy link

Describe the bug
Windows Defender is flagging the portable version as Trojan (Emali.A!cl) and removing it. Defender only flags it when I open the app. Scanning the exe before opening doesn't show anything. Looks like the portable exe is downloading something which is triggering Defender.

To Reproduce
Steps to reproduce the behavior:

  1. Download portable exe
  2. Open it
  3. Windows Defender flags it and removes it

Expected behavior
The app opens normally. It worked fine few days ago but it's not working now.

Screenshots
error

Additional info:

  • OS: Windows 10 ver 2004
  • Application version: 2.2.2
  • Application type: Portable
@VesperLlama VesperLlama added the bug Something isn't working label Jul 20, 2021
@VesperLlama VesperLlama changed the title [Bug] Windows Defender flagging the portable exe as Trojan [Bug] Windows Defender is flagging the portable exe as Trojan Jul 20, 2021
@jely2002 jely2002 added the priority Something breaking, with high priority label Jul 20, 2021
@jely2002 jely2002 self-assigned this Jul 20, 2021
@jely2002
Copy link
Owner

jely2002 commented Jul 20, 2021
edited
Loading

I'm currently not home. So I'm unable to verify if it happens for me too. I just find it funny that I made this app to combat those ad/virus riddled download websites and now Defender flags it as a virus.

Anyway I can assure you I would never willingly put malware into this app. I think it's a false positive. When I search for the name of the trojan I find a lot of false positives.

Will be taking an in-depth look at this when I get home. (Couple days)

@jely2002
Copy link
Owner

I advise you to run a full system scan with something like malwarebytes. As the trojan might have already been on your system and injected itself into youtube-dl-gui, triggering Defender. I don't think this is the case but never too sure.

@admk
Copy link

admk commented Jul 20, 2021

I am encoutering this too possibly as a result of recent defender update.

@jely2002
Copy link
Owner

I will submit the app to the Windows Defender team when I get home. Does the installer get flagged as well by Defender?

@VesperLlama
Copy link
Author

@jely2002 The installer is working fine. Defender is only flagging the portable version.

I also ran a full system scan with both Malwarebytes and Defender and they didn't show any infections on the system.

@jely2002
Copy link
Owner

jely2002 commented Jul 21, 2021
edited
Loading

@eredrolo Can you give me the defender definitions version? So I can report it to Microsoft. https://go.microsoft.com/fwlink/?linkid=849601#definition-version

@VesperLlama
Copy link
Author

@jely2002 It is 1.343.1390.0

Screenshot 2021-07-21 195749

Looks like there was an update today and they fixed it. It's not flagging the portable version now and it's working fine.

@jely2002
Copy link
Owner

Good to know they fixed it. Closing the issue.

@StefanLobbenmeier StefanLobbenmeier mentioned this issue Nov 14, 2023
Open
@StefanLobbenmeier StefanLobbenmeier mentioned this issue Apr 11, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jely2002 jely2002

Labels
bug Something isn't working priority Something breaking, with high priority
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@admk @jely2002 @VesperLlama