Flagged by Windows Defender since v1.14.20 #1237

Open
WinXaito opened this issue Apr 23, 2024 · 2 comments

@WinXaito

WinXaito commented Apr 23, 2024

Hi,

I have had a problem since I upgraded all my dependencies: my build was removed by Windows Defender (in a company).

So I rolled back all the dependencies and upgraded them one by one.

So, I can tell you that when I upgrade from 1.14.17 -> 1.14.22, I get flagged. So I checked every version until I found that version 1.14.20 is the problematic one.

Of course I checked the code of that release and didn't see anything wrong, it's probably the upgrade of sqlite from 3.44 -> 3.45 that introduced a false positive.

So, I'm not sure if you're able to do anything about that. But maybe you can already confirm to me that it's really a false positive.

Let's see if I'm the only one affected by that.

Thank you!

Here is the full message I got from Windows Defender:

image

@Enrico204

There are a lot of false positives due to this new trend of using machine learning to classify malware without proper tuning. Go binaries in general are affected, e.g. https://go.dev/doc/faq#virus

Can you try to upload the file to VirusTotal and check whether other antiviruses are flagging this as well? It would be useful to have the link to the analysis, I will take a look at that to give my opinion :-)

@WinXaito
Author

> Can you try to upload the file to VirusTotal and check whether other antiviruses are flagging this as well? It would be useful to have the link to the analysis, I will take a look at that to give my opinion :-)

Yeah, I also checked that before: with v1.14.19 I got flagged by 4 antiviruses and with v1.14.20 only by 3... And both were detected by Google itself 😮

And it's kinda annoying to get my exe removed each time I run/debug my app. I could exclude the folder from my antivirus, but because Go creates a new random directory in the Temp folder at each build, I would have to exclude the whole temp directory, and I don't want to do that.
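
An added note, not part of the thread or the project's own code: the random build directory mentioned in the last comment is created under the directory named by the `GOTMPDIR` environment variable (the system temp directory when it is unset), so pointing it at a dedicated folder lets a Defender exclusion cover that one folder instead of all of Temp. The `go-tmp` location below is an assumption; any per-user directory works.

```powershell
# Added example. The directory name is an assumption, not something from the thread.
$goTmp = Join-Path $env:LOCALAPPDATA 'go-tmp'

# Create the directory first so the go command can make its
# go-build* work directories inside it.
New-Item -ItemType Directory -Force -Path $goTmp | Out-Null

# Set it for the current session and persist it for this user.
$env:GOTMPDIR = $goTmp
[Environment]::SetEnvironmentVariable('GOTMPDIR', $goTmp, 'User')

# Confirm the go command sees the new location.
go env GOTMPDIR

# Exclude only that directory from Defender scanning.
# Needs an elevated prompt; on a company machine the setting
# may be controlled by policy and this call will then fail.
Add-MpPreference -ExclusionPath $goTmp

# Review the resulting exclusion list.
(Get-MpPreference).ExclusionPath
```

Binaries produced with `go build -o <path>` are written to the path given, so they are not covered by this exclusion and are still scanned.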
