locked
Windows Defender False Positives RRS feed

  • Question

  • Hello , 

    Im having a problem with Windows Defender Flagging my executable as a Trojan.

    Long story short is that i've been developing for more than 9 years now on a project ,never had any problems with false positives what so ever .

    Recently i started using "Themida" to protect my application ( Its a gaming client and reverse engineers are bypassing the ban system and the anticheat system because they can basically read the code) , I submit the application to Microsoft about an hour later the executable gets "Clean" and is no longer detected as a thread ( Huge thanks to microsoft ,other AV take days to even answer) . The actual Problem is that i have to repeat this process EVERY time i protect the executable with themida.

    I compile , Protect , Sign >>> GET flagged >>> Submit on microsoft website >>> Flag gets removed ( This process is repeated every single time i compile, even if i dont even make code changes , the second i hit protect from themida i basically know Windows defender is gonna flag me again) 

    Wednesday, May 13, 2020 11:22 AM

All replies

  • It depends on how you program it and if it behave like malicious file, then Windows Defender will detect it.

    You may add it to exception in Windows Defender and once you complete your project submit final file for analyze.

    Monday, May 18, 2020 2:37 PM