4

It's a simple Windows Forms application using the Google Cloud SDK. I have properly signed the application using a purchased SHA256 Comodo CSC.

My solution has a single EXE file along with dependencies (DLL files and images) that is embedded inside an MSI (using the Setup Project).

I have signed both the EXE and MSI file using signtool appropriately and have verified the signatures. Virustotal.com report shows all green. I've submitted a false positive to Windows Defender here multiple times including individual files, and it came back as Clean.

I am perplex at this point. Is there anything else I should try? Windows Defender (latest updates) still reports it has a trojan.

Windows Defender false positives

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
xoail
  • 2,978
  • 5
  • 36
  • 70
  • 2
    Have you scanned your exe with another Virus checker just to make sure? If it is a false positive the only thing you can do is what you have done, and or make and exclusion for it – TheGeneral Feb 11 '18 at 05:46
  • I have scanned using a bunch of online scanners and they all came out green. Is there any common ones you'd recommend? I can make exclusions but asking customers to do so will be ugly. – xoail Feb 11 '18 at 05:50
  • If its simple, im curious to know what happens if you comment everything out, and whats actually causing it – TheGeneral Feb 11 '18 at 05:54
  • I did that and it’s the same issue. Only thing I left was references to google cloud sdk dlls in project. – xoail Feb 11 '18 at 06:04
  • If you add that reference to a newly created project is still still flagged as a virus? – TheGeneral Feb 11 '18 at 07:30
  • I created a separate blank winforms app with single form and a button. Even this form exe is getting caught by Defender as Malware. – xoail Feb 11 '18 at 19:32
  • 1
    @xoail did you ever resolve this issue? If so, can you share the outcome? – Drew Noakes Jul 16 '18 at 17:52

0 Answers0